sorcery 0.8.1 → 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (353) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +56 -0
  3. data/.travis.yml +130 -1
  4. data/CHANGELOG.md +279 -0
  5. data/Gemfile +18 -23
  6. data/README.md +372 -0
  7. data/Rakefile +3 -78
  8. data/gemfiles/active_record-rails40.gemfile +7 -0
  9. data/gemfiles/active_record-rails41.gemfile +7 -0
  10. data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
  11. data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
  12. data/gemfiles/mongoid-rails40.gemfile +9 -0
  13. data/gemfiles/mongoid-rails41.gemfile +9 -0
  14. data/gemfiles/mongoid3-rails32.gemfile +9 -0
  15. data/lib/generators/sorcery/USAGE +1 -1
  16. data/lib/generators/sorcery/helpers.rb +40 -0
  17. data/lib/generators/sorcery/install_generator.rb +38 -20
  18. data/lib/generators/sorcery/templates/initializer.rb +53 -16
  19. data/lib/generators/sorcery/templates/migration/activity_logging.rb +3 -10
  20. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -7
  21. data/lib/generators/sorcery/templates/migration/core.rb +5 -8
  22. data/lib/generators/sorcery/templates/migration/external.rb +3 -5
  23. data/lib/generators/sorcery/templates/migration/remember_me.rb +2 -9
  24. data/lib/generators/sorcery/templates/migration/reset_password.rb +2 -10
  25. data/lib/generators/sorcery/templates/migration/user_activation.rb +2 -10
  26. data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
  27. data/lib/sorcery/adapters/base_adapter.rb +30 -0
  28. data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
  29. data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
  30. data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
  31. data/lib/sorcery/controller/config.rb +65 -0
  32. data/lib/sorcery/controller/submodules/activity_logging.rb +27 -21
  33. data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
  34. data/lib/sorcery/controller/submodules/external.rb +107 -75
  35. data/lib/sorcery/controller/submodules/remember_me.rb +5 -5
  36. data/lib/sorcery/controller/submodules/session_timeout.rb +11 -7
  37. data/lib/sorcery/controller.rb +27 -76
  38. data/lib/sorcery/model/config.rb +96 -0
  39. data/lib/sorcery/model/submodules/activity_logging.rb +32 -12
  40. data/lib/sorcery/model/submodules/brute_force_protection.rb +36 -36
  41. data/lib/sorcery/model/submodules/external.rb +53 -9
  42. data/lib/sorcery/model/submodules/remember_me.rb +15 -19
  43. data/lib/sorcery/model/submodules/reset_password.rb +36 -33
  44. data/lib/sorcery/model/submodules/user_activation.rb +51 -48
  45. data/lib/sorcery/model/temporary_token.rb +4 -4
  46. data/lib/sorcery/model.rb +85 -175
  47. data/lib/sorcery/protocols/oauth.rb +42 -0
  48. data/lib/sorcery/protocols/oauth2.rb +47 -0
  49. data/lib/sorcery/providers/base.rb +38 -0
  50. data/lib/sorcery/providers/facebook.rb +74 -0
  51. data/lib/sorcery/providers/github.rb +60 -0
  52. data/lib/sorcery/providers/google.rb +51 -0
  53. data/lib/sorcery/providers/heroku.rb +57 -0
  54. data/lib/sorcery/providers/jira.rb +77 -0
  55. data/lib/sorcery/providers/linkedin.rb +66 -0
  56. data/lib/sorcery/providers/liveid.rb +53 -0
  57. data/lib/sorcery/providers/salesforce.rb +50 -0
  58. data/lib/sorcery/providers/twitter.rb +59 -0
  59. data/lib/sorcery/providers/vk.rb +63 -0
  60. data/lib/sorcery/providers/xing.rb +64 -0
  61. data/lib/sorcery/railties/tasks.rake +1 -7
  62. data/lib/sorcery/test_helpers/internal/rails.rb +17 -6
  63. data/lib/sorcery/test_helpers/internal.rb +27 -6
  64. data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
  65. data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
  66. data/lib/sorcery/version.rb +3 -0
  67. data/lib/sorcery.rb +83 -57
  68. data/sorcery.gemspec +24 -363
  69. data/spec/active_record/user_activation_spec.rb +18 -0
  70. data/spec/active_record/user_activity_logging_spec.rb +17 -0
  71. data/spec/{rails3/spec → active_record}/user_brute_force_protection_spec.rb +6 -5
  72. data/spec/{rails3/spec → active_record}/user_oauth_spec.rb +6 -5
  73. data/spec/{rails3/spec → active_record}/user_remember_me_spec.rb +5 -4
  74. data/spec/{rails3/spec → active_record}/user_reset_password_spec.rb +7 -7
  75. data/spec/active_record/user_spec.rb +37 -0
  76. data/spec/controllers/controller_activity_logging_spec.rb +124 -0
  77. data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
  78. data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
  79. data/spec/controllers/controller_oauth2_spec.rb +429 -0
  80. data/spec/controllers/controller_oauth_spec.rb +240 -0
  81. data/spec/controllers/controller_remember_me_spec.rb +117 -0
  82. data/spec/controllers/controller_session_timeout_spec.rb +80 -0
  83. data/spec/controllers/controller_spec.rb +218 -0
  84. data/spec/data_mapper/user_activation_spec.rb +10 -0
  85. data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
  86. data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
  87. data/spec/data_mapper/user_oauth_spec.rb +9 -0
  88. data/spec/data_mapper/user_remember_me_spec.rb +8 -0
  89. data/spec/data_mapper/user_reset_password_spec.rb +8 -0
  90. data/spec/data_mapper/user_spec.rb +27 -0
  91. data/spec/mongo_mapper/user_activation_spec.rb +9 -0
  92. data/spec/mongo_mapper/user_activity_logging_spec.rb +8 -0
  93. data/spec/mongo_mapper/user_brute_force_protection_spec.rb +8 -0
  94. data/spec/mongo_mapper/user_oauth_spec.rb +8 -0
  95. data/spec/mongo_mapper/user_remember_me_spec.rb +8 -0
  96. data/spec/mongo_mapper/user_reset_password_spec.rb +8 -0
  97. data/spec/mongo_mapper/user_spec.rb +37 -0
  98. data/spec/mongoid/user_activation_spec.rb +9 -0
  99. data/spec/mongoid/user_activity_logging_spec.rb +8 -0
  100. data/spec/mongoid/user_brute_force_protection_spec.rb +8 -0
  101. data/spec/mongoid/user_oauth_spec.rb +8 -0
  102. data/spec/mongoid/user_remember_me_spec.rb +8 -0
  103. data/spec/mongoid/user_reset_password_spec.rb +8 -0
  104. data/spec/mongoid/user_spec.rb +51 -0
  105. data/spec/orm/active_record.rb +21 -0
  106. data/spec/orm/data_mapper.rb +48 -0
  107. data/spec/orm/mongo_mapper.rb +10 -0
  108. data/spec/orm/mongoid.rb +22 -0
  109. data/spec/{rails3/app/models → rails_app/app/active_record}/user.rb +1 -2
  110. data/spec/rails_app/app/active_record/user_provider.rb +3 -0
  111. data/spec/rails_app/app/controllers/sorcery_controller.rb +285 -0
  112. data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
  113. data/spec/rails_app/app/data_mapper/user.rb +7 -0
  114. data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/user.rb +2 -0
  115. data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/user.rb +2 -0
  116. data/spec/rails_app/app/views/sorcery_mailer/send_unlock_token_email.text.erb +1 -0
  117. data/spec/{rails3_mongo_mapper → rails_app}/config/application.rb +13 -8
  118. data/spec/rails_app/config/boot.rb +4 -0
  119. data/spec/rails_app/config/database.yml +22 -0
  120. data/spec/{rails3_mongo_mapper → rails_app}/config/environments/test.rb +2 -0
  121. data/spec/{rails3_mongoid → rails_app}/config/initializers/session_store.rb +4 -0
  122. data/spec/rails_app/config/routes.rb +51 -0
  123. data/spec/{rails3_mongo_mapper → rails_app}/config.ru +1 -1
  124. data/spec/{rails3 → rails_app}/db/migrate/activation/20101224223622_add_activation_to_users.rb +3 -3
  125. data/spec/{rails3 → rails_app}/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +2 -0
  126. data/spec/{rails3 → rails_app}/db/migrate/core/20101224223620_create_users.rb +2 -2
  127. data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
  128. data/spec/rails_app/log/development.log +1791 -0
  129. data/spec/shared_examples/user_activation_shared_examples.rb +137 -98
  130. data/spec/shared_examples/user_activity_logging_shared_examples.rb +86 -13
  131. data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
  132. data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
  133. data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
  134. data/spec/shared_examples/user_reset_password_shared_examples.rb +163 -130
  135. data/spec/shared_examples/user_shared_examples.rb +370 -195
  136. data/spec/sorcery_crypto_providers_spec.rb +74 -72
  137. data/spec/spec_helper.rb +32 -4
  138. metadata +259 -425
  139. data/Gemfile.lock +0 -192
  140. data/README.rdoc +0 -261
  141. data/VERSION +0 -1
  142. data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -35
  143. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -45
  144. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -97
  145. data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -91
  146. data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -90
  147. data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -101
  148. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -91
  149. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -92
  150. data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -99
  151. data/lib/sorcery/model/adapters/active_record.rb +0 -49
  152. data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
  153. data/lib/sorcery/model/adapters/mongoid.rb +0 -88
  154. data/lib/sorcery/test_helpers/rails.rb +0 -16
  155. data/lib/sorcery/test_helpers.rb +0 -5
  156. data/spec/Gemfile +0 -12
  157. data/spec/Gemfile.lock +0 -129
  158. data/spec/README.md +0 -31
  159. data/spec/Rakefile +0 -12
  160. data/spec/rails3/.gitignore +0 -4
  161. data/spec/rails3/.rspec +0 -1
  162. data/spec/rails3/Gemfile +0 -15
  163. data/spec/rails3/Gemfile.lock +0 -162
  164. data/spec/rails3/README +0 -256
  165. data/spec/rails3/Rakefile +0 -11
  166. data/spec/rails3/app/controllers/application_controller.rb +0 -208
  167. data/spec/rails3/app/views/sorcery_mailer/send_unlock_token_email.text.erb +0 -1
  168. data/spec/rails3/config/application.rb +0 -46
  169. data/spec/rails3/config/boot.rb +0 -13
  170. data/spec/rails3/config/database.yml +0 -27
  171. data/spec/rails3/config/environments/development.rb +0 -26
  172. data/spec/rails3/config/environments/in_memory.rb +0 -35
  173. data/spec/rails3/config/environments/production.rb +0 -49
  174. data/spec/rails3/config/environments/test.rb +0 -35
  175. data/spec/rails3/config/initializers/session_store.rb +0 -8
  176. data/spec/rails3/config/routes.rb +0 -59
  177. data/spec/rails3/config.ru +0 -4
  178. data/spec/rails3/db/migrate/external/20101224223628_create_authentications.rb +0 -14
  179. data/spec/rails3/lib/tasks/.gitkeep +0 -0
  180. data/spec/rails3/public/404.html +0 -26
  181. data/spec/rails3/public/422.html +0 -26
  182. data/spec/rails3/public/500.html +0 -26
  183. data/spec/rails3/public/favicon.ico +0 -0
  184. data/spec/rails3/public/images/rails.png +0 -0
  185. data/spec/rails3/public/javascripts/application.js +0 -2
  186. data/spec/rails3/public/javascripts/controls.js +0 -965
  187. data/spec/rails3/public/javascripts/dragdrop.js +0 -974
  188. data/spec/rails3/public/javascripts/effects.js +0 -1123
  189. data/spec/rails3/public/javascripts/prototype.js +0 -6001
  190. data/spec/rails3/public/javascripts/rails.js +0 -175
  191. data/spec/rails3/public/robots.txt +0 -5
  192. data/spec/rails3/public/stylesheets/.gitkeep +0 -0
  193. data/spec/rails3/script/rails +0 -6
  194. data/spec/rails3/spec/controller_activity_logging_spec.rb +0 -115
  195. data/spec/rails3/spec/controller_brute_force_protection_spec.rb +0 -88
  196. data/spec/rails3/spec/controller_http_basic_auth_spec.rb +0 -50
  197. data/spec/rails3/spec/controller_oauth2_spec.rb +0 -380
  198. data/spec/rails3/spec/controller_oauth_spec.rb +0 -206
  199. data/spec/rails3/spec/controller_remember_me_spec.rb +0 -96
  200. data/spec/rails3/spec/controller_session_timeout_spec.rb +0 -55
  201. data/spec/rails3/spec/controller_spec.rb +0 -177
  202. data/spec/rails3/spec/integration_spec.rb +0 -23
  203. data/spec/rails3/spec/spec.opts +0 -2
  204. data/spec/rails3/spec/spec_helper.orig.rb +0 -27
  205. data/spec/rails3/spec/spec_helper.rb +0 -71
  206. data/spec/rails3/spec/user_activation_spec.rb +0 -16
  207. data/spec/rails3/spec/user_activity_logging_spec.rb +0 -8
  208. data/spec/rails3/spec/user_spec.rb +0 -36
  209. data/spec/rails3/vendor/plugins/.gitkeep +0 -0
  210. data/spec/rails3_mongo_mapper/.gitignore +0 -4
  211. data/spec/rails3_mongo_mapper/.rspec +0 -1
  212. data/spec/rails3_mongo_mapper/Gemfile +0 -16
  213. data/spec/rails3_mongo_mapper/Gemfile.lock +0 -156
  214. data/spec/rails3_mongo_mapper/Rakefile +0 -11
  215. data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +0 -122
  216. data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +0 -2
  217. data/spec/rails3_mongo_mapper/app/mailers/sorcery_mailer.rb +0 -25
  218. data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +0 -14
  219. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +0 -17
  220. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +0 -9
  221. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
  222. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
  223. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
  224. data/spec/rails3_mongo_mapper/config/boot.rb +0 -13
  225. data/spec/rails3_mongo_mapper/config/environment.rb +0 -5
  226. data/spec/rails3_mongo_mapper/config/environments/development.rb +0 -30
  227. data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
  228. data/spec/rails3_mongo_mapper/config/environments/production.rb +0 -49
  229. data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +0 -7
  230. data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +0 -10
  231. data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +0 -5
  232. data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +0 -2
  233. data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +0 -7
  234. data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +0 -8
  235. data/spec/rails3_mongo_mapper/config/locales/en.yml +0 -5
  236. data/spec/rails3_mongo_mapper/config/routes.rb +0 -59
  237. data/spec/rails3_mongo_mapper/db/schema.rb +0 -23
  238. data/spec/rails3_mongo_mapper/db/seeds.rb +0 -7
  239. data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
  240. data/spec/rails3_mongo_mapper/public/404.html +0 -26
  241. data/spec/rails3_mongo_mapper/public/422.html +0 -26
  242. data/spec/rails3_mongo_mapper/public/500.html +0 -26
  243. data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
  244. data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
  245. data/spec/rails3_mongo_mapper/public/javascripts/application.js +0 -2
  246. data/spec/rails3_mongo_mapper/public/javascripts/controls.js +0 -965
  247. data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +0 -974
  248. data/spec/rails3_mongo_mapper/public/javascripts/effects.js +0 -1123
  249. data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +0 -6001
  250. data/spec/rails3_mongo_mapper/public/javascripts/rails.js +0 -175
  251. data/spec/rails3_mongo_mapper/public/robots.txt +0 -5
  252. data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
  253. data/spec/rails3_mongo_mapper/script/rails +0 -6
  254. data/spec/rails3_mongo_mapper/spec/controller_spec.rb +0 -170
  255. data/spec/rails3_mongo_mapper/spec/spec.opts +0 -2
  256. data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +0 -27
  257. data/spec/rails3_mongo_mapper/spec/spec_helper.rb +0 -55
  258. data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +0 -9
  259. data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +0 -8
  260. data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +0 -8
  261. data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +0 -8
  262. data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +0 -8
  263. data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +0 -8
  264. data/spec/rails3_mongo_mapper/spec/user_spec.rb +0 -37
  265. data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
  266. data/spec/rails3_mongoid/.gitignore +0 -4
  267. data/spec/rails3_mongoid/.rspec +0 -1
  268. data/spec/rails3_mongoid/Gemfile +0 -15
  269. data/spec/rails3_mongoid/Gemfile.lock +0 -146
  270. data/spec/rails3_mongoid/Rakefile +0 -11
  271. data/spec/rails3_mongoid/app/controllers/application_controller.rb +0 -127
  272. data/spec/rails3_mongoid/app/helpers/application_helper.rb +0 -2
  273. data/spec/rails3_mongoid/app/mailers/sorcery_mailer.rb +0 -25
  274. data/spec/rails3_mongoid/app/views/layouts/application.html.erb +0 -14
  275. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.html.erb +0 -17
  276. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.text.erb +0 -9
  277. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.html.erb +0 -17
  278. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
  279. data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
  280. data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
  281. data/spec/rails3_mongoid/config/application.rb +0 -51
  282. data/spec/rails3_mongoid/config/boot.rb +0 -13
  283. data/spec/rails3_mongoid/config/environment.rb +0 -5
  284. data/spec/rails3_mongoid/config/environments/development.rb +0 -26
  285. data/spec/rails3_mongoid/config/environments/in_memory.rb +0 -0
  286. data/spec/rails3_mongoid/config/environments/production.rb +0 -49
  287. data/spec/rails3_mongoid/config/environments/test.rb +0 -35
  288. data/spec/rails3_mongoid/config/initializers/backtrace_silencers.rb +0 -7
  289. data/spec/rails3_mongoid/config/initializers/inflections.rb +0 -10
  290. data/spec/rails3_mongoid/config/initializers/mime_types.rb +0 -5
  291. data/spec/rails3_mongoid/config/initializers/secret_token.rb +0 -7
  292. data/spec/rails3_mongoid/config/locales/en.yml +0 -5
  293. data/spec/rails3_mongoid/config/mongoid.yml +0 -7
  294. data/spec/rails3_mongoid/config/routes.rb +0 -59
  295. data/spec/rails3_mongoid/config.ru +0 -4
  296. data/spec/rails3_mongoid/db/schema.rb +0 -23
  297. data/spec/rails3_mongoid/db/seeds.rb +0 -7
  298. data/spec/rails3_mongoid/lib/tasks/.gitkeep +0 -0
  299. data/spec/rails3_mongoid/public/404.html +0 -26
  300. data/spec/rails3_mongoid/public/422.html +0 -26
  301. data/spec/rails3_mongoid/public/500.html +0 -26
  302. data/spec/rails3_mongoid/public/favicon.ico +0 -0
  303. data/spec/rails3_mongoid/public/images/rails.png +0 -0
  304. data/spec/rails3_mongoid/public/javascripts/application.js +0 -2
  305. data/spec/rails3_mongoid/public/javascripts/controls.js +0 -965
  306. data/spec/rails3_mongoid/public/javascripts/dragdrop.js +0 -974
  307. data/spec/rails3_mongoid/public/javascripts/effects.js +0 -1123
  308. data/spec/rails3_mongoid/public/javascripts/prototype.js +0 -6001
  309. data/spec/rails3_mongoid/public/javascripts/rails.js +0 -175
  310. data/spec/rails3_mongoid/public/robots.txt +0 -5
  311. data/spec/rails3_mongoid/public/stylesheets/.gitkeep +0 -0
  312. data/spec/rails3_mongoid/script/rails +0 -6
  313. data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +0 -105
  314. data/spec/rails3_mongoid/spec/controller_spec.rb +0 -181
  315. data/spec/rails3_mongoid/spec/spec.opts +0 -2
  316. data/spec/rails3_mongoid/spec/spec_helper.orig.rb +0 -27
  317. data/spec/rails3_mongoid/spec/spec_helper.rb +0 -55
  318. data/spec/rails3_mongoid/spec/user_activation_spec.rb +0 -9
  319. data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb +0 -8
  320. data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb +0 -8
  321. data/spec/rails3_mongoid/spec/user_oauth_spec.rb +0 -8
  322. data/spec/rails3_mongoid/spec/user_remember_me_spec.rb +0 -8
  323. data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +0 -8
  324. data/spec/rails3_mongoid/spec/user_spec.rb +0 -38
  325. data/spec/rails3_mongoid/vendor/plugins/.gitkeep +0 -0
  326. data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
  327. data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -55
  328. /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
  329. /data/spec/{rails3/app/models → rails_app/app/active_record}/authentication.rb +0 -0
  330. /data/spec/{rails3 → rails_app}/app/helpers/application_helper.rb +0 -0
  331. /data/spec/{rails3 → rails_app}/app/mailers/sorcery_mailer.rb +0 -0
  332. /data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/authentication.rb +0 -0
  333. /data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/authentication.rb +0 -0
  334. /data/spec/{rails3 → rails_app}/app/views/application/index.html.erb +0 -0
  335. /data/spec/{rails3 → rails_app}/app/views/layouts/application.html.erb +0 -0
  336. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.html.erb +0 -0
  337. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.text.erb +0 -0
  338. /data/spec/{rails3/app/views/sorcery_mailer/activation_success_email.html.erb → rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb} +0 -0
  339. /data/spec/{rails3_mongo_mapper → rails_app}/app/views/sorcery_mailer/activation_success_email.html.erb +0 -0
  340. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_success_email.text.erb +0 -0
  341. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.html.erb +0 -0
  342. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.text.erb +0 -0
  343. /data/spec/{rails3 → rails_app}/config/environment.rb +0 -0
  344. /data/spec/{rails3 → rails_app}/config/initializers/backtrace_silencers.rb +0 -0
  345. /data/spec/{rails3 → rails_app}/config/initializers/inflections.rb +0 -0
  346. /data/spec/{rails3 → rails_app}/config/initializers/mime_types.rb +0 -0
  347. /data/spec/{rails3 → rails_app}/config/initializers/secret_token.rb +0 -0
  348. /data/spec/{rails3 → rails_app}/config/locales/en.yml +0 -0
  349. /data/spec/{rails3 → rails_app}/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -0
  350. /data/spec/{rails3 → rails_app}/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -0
  351. /data/spec/{rails3 → rails_app}/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -0
  352. /data/spec/{rails3 → rails_app}/db/schema.rb +0 -0
  353. /data/spec/{rails3 → rails_app}/db/seeds.rb +0 -0
@@ -0,0 +1,429 @@
1
+ require 'spec_helper'
2
+
3
+ # require 'shared_examples/controller_oauth2_shared_examples'
4
+
5
+ describe SorceryController, :active_record => true do
6
+ before(:all) do
7
+ if SORCERY_ORM == :active_record
8
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
9
+ User.reset_column_information
10
+ end
11
+
12
+ sorcery_reload!([:external])
13
+ set_external_property
14
+ end
15
+
16
+ after(:all) do
17
+ if SORCERY_ORM == :active_record
18
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
19
+ end
20
+ end
21
+
22
+ describe 'using create_from' do
23
+ before(:each) do
24
+ stub_all_oauth2_requests!
25
+ end
26
+
27
+ it 'creates a new user' do
28
+ sorcery_model_property_set(:authentications_class, Authentication)
29
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
30
+
31
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
32
+ get :test_create_from_provider, provider: 'facebook'
33
+ end
34
+
35
+ it 'supports nested attributes' do
36
+ sorcery_model_property_set(:authentications_class, Authentication)
37
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'hometown/name' })
38
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Haifa, Israel'})
39
+
40
+ get :test_create_from_provider, provider: 'facebook'
41
+ end
42
+
43
+ it 'does not crash on missing nested attributes' do
44
+ sorcery_model_property_set(:authentications_class, Authentication)
45
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name', created_at: 'does/not/exist' })
46
+
47
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
48
+
49
+ get :test_create_from_provider, provider: 'facebook'
50
+ end
51
+
52
+ describe 'with a block' do
53
+ it 'does not create user' do
54
+ sorcery_model_property_set(:authentications_class, Authentication)
55
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
56
+
57
+ u = double('user')
58
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'}).and_return(u).and_yield(u)
59
+ # test_create_from_provider_with_block in controller will check for uniqueness of username
60
+ get :test_create_from_provider_with_block, provider: 'facebook'
61
+ end
62
+ end
63
+ end
64
+
65
+ # ----------------- OAuth -----------------------
66
+ context "with OAuth features" do
67
+
68
+ let(:user) { double('user', id: 42) }
69
+
70
+ before(:each) do
71
+ stub_all_oauth2_requests!
72
+ end
73
+
74
+ after(:each) do
75
+ User.sorcery_adapter.delete_all
76
+ Authentication.sorcery_adapter.delete_all
77
+ end
78
+
79
+ context "when callback_url begin with /" do
80
+ before do
81
+ sorcery_controller_external_property_set(:facebook, :callback_url, "/oauth/twitter/callback")
82
+ end
83
+ it "login_at redirects correctly" do
84
+ get :login_at_test_facebook
85
+ expect(response).to be_a_redirect
86
+ expect(response).to redirect_to("https://www.facebook.com/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=")
87
+ end
88
+
89
+ it "logins with state" do
90
+ get :login_at_test_with_state
91
+ expect(response).to be_a_redirect
92
+ expect(response).to redirect_to("https://www.facebook.com/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=bla")
93
+ end
94
+
95
+ it "logins with Graph API version" do
96
+ sorcery_controller_external_property_set(:facebook, :api_version, "v2.2")
97
+ get :login_at_test_with_state
98
+ expect(response).to be_a_redirect
99
+ expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=bla")
100
+ end
101
+
102
+ it "logins without state after login with state" do
103
+ get :login_at_test_with_state
104
+ expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=bla")
105
+
106
+ get :login_at_test_facebook
107
+ expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=")
108
+ end
109
+
110
+ after do
111
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
112
+ end
113
+ end
114
+
115
+ context "when callback_url begin with http://" do
116
+ it "login_at redirects correctly" do
117
+ create_new_user
118
+ get :login_at_test_facebook
119
+ expect(response).to be_a_redirect
120
+ expect(response).to redirect_to("https://www.facebook.com/v2.2/dialog/oauth?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email&state=")
121
+ end
122
+ end
123
+
124
+ it "'login_from' logins if user exists" do
125
+ # dirty hack for rails 4
126
+ allow(subject).to receive(:register_last_activity_time_to_db)
127
+
128
+ sorcery_model_property_set(:authentications_class, Authentication)
129
+ expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
130
+ get :test_login_from_facebook
131
+
132
+ expect(flash[:notice]).to eq "Success!"
133
+ end
134
+
135
+ it "'login_from' fails if user doesn't exist" do
136
+ sorcery_model_property_set(:authentications_class, Authentication)
137
+ expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(nil)
138
+ get :test_login_from_facebook
139
+
140
+ expect(flash[:alert]).to eq "Failed!"
141
+ end
142
+
143
+ it "on successful login_from the user is redirected to the url he originally wanted" do
144
+ # dirty hack for rails 4
145
+ allow(subject).to receive(:register_last_activity_time_to_db)
146
+
147
+ sorcery_model_property_set(:authentications_class, Authentication)
148
+ expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
149
+ get :test_return_to_with_external_facebook, {}, :return_to_url => "fuu"
150
+
151
+ expect(response).to redirect_to("fuu")
152
+ expect(flash[:notice]).to eq "Success!"
153
+ end
154
+
155
+ [:github, :google, :liveid, :vk, :salesforce].each do |provider|
156
+
157
+ describe "with #{provider}" do
158
+
159
+ it "login_at redirects correctly" do
160
+ get :"login_at_test_#{provider}"
161
+
162
+ expect(response).to be_a_redirect
163
+ expect(response).to redirect_to(provider_url provider)
164
+ end
165
+
166
+ it "'login_from' logins if user exists" do
167
+ # dirty hack for rails 4
168
+ allow(subject).to receive(:register_last_activity_time_to_db)
169
+
170
+ sorcery_model_property_set(:authentications_class, Authentication)
171
+ expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
172
+ get :"test_login_from_#{provider}"
173
+
174
+ expect(flash[:notice]).to eq "Success!"
175
+ end
176
+
177
+ it "'login_from' fails if user doesn't exist" do
178
+ sorcery_model_property_set(:authentications_class, Authentication)
179
+ expect(User).to receive(:load_from_provider).with(provider, '123').and_return(nil)
180
+ get :"test_login_from_#{provider}"
181
+
182
+ expect(flash[:alert]).to eq "Failed!"
183
+ end
184
+
185
+ it "on successful login_from the user is redirected to the url he originally wanted (#{provider})" do
186
+ # dirty hack for rails 4
187
+ allow(subject).to receive(:register_last_activity_time_to_db)
188
+
189
+ sorcery_model_property_set(:authentications_class, Authentication)
190
+ expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
191
+ get :"test_return_to_with_external_#{provider}", {}, :return_to_url => "fuu"
192
+
193
+ expect(response).to redirect_to "fuu"
194
+ expect(flash[:notice]).to eq "Success!"
195
+ end
196
+ end
197
+ end
198
+
199
+ end
200
+
201
+ describe "OAuth with User Activation features" do
202
+ before(:all) do
203
+ if SORCERY_ORM == :active_record
204
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
205
+ end
206
+
207
+ sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
208
+ sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
209
+
210
+ sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
211
+ sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
212
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
213
+ sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
214
+ sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
215
+ sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
216
+ sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
217
+ sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
218
+ sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
219
+ sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
220
+ sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
221
+ sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
222
+ sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
223
+ sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
224
+ sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
225
+ sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
226
+ sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
227
+ sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
228
+ end
229
+
230
+ after(:all) do
231
+ if SORCERY_ORM == :active_record
232
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
233
+ end
234
+ end
235
+
236
+ after(:each) do
237
+ User.sorcery_adapter.delete_all
238
+ end
239
+
240
+ it "does not send activation email to external users" do
241
+ old_size = ActionMailer::Base.deliveries.size
242
+ create_new_external_user(:facebook)
243
+
244
+ expect(ActionMailer::Base.deliveries.size).to eq old_size
245
+ end
246
+
247
+ it "does not send external users an activation success email" do
248
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
249
+ create_new_external_user(:facebook)
250
+ old_size = ActionMailer::Base.deliveries.size
251
+ @user.activate!
252
+
253
+ expect(ActionMailer::Base.deliveries.size).to eq old_size
254
+ end
255
+
256
+ [:github, :google, :liveid, :vk, :salesforce].each do |provider|
257
+ it "does not send activation email to external users (#{provider})" do
258
+ old_size = ActionMailer::Base.deliveries.size
259
+ create_new_external_user provider
260
+ expect(ActionMailer::Base.deliveries.size).to eq old_size
261
+ end
262
+
263
+ it "does not send external users an activation success email (#{provider})" do
264
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
265
+ create_new_external_user provider
266
+ old_size = ActionMailer::Base.deliveries.size
267
+ @user.activate!
268
+ end
269
+ end
270
+ end
271
+
272
+ describe "OAuth with user activation features" do
273
+
274
+ let(:user) { double('user', id: 42) }
275
+
276
+ before(:all) do
277
+ sorcery_reload!([:activity_logging, :external])
278
+ end
279
+
280
+ after(:all) do
281
+ if SORCERY_ORM == :active_record
282
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
283
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activity_logging")
284
+ end
285
+ end
286
+
287
+ %w(facebook github google liveid vk salesforce).each do |provider|
288
+ context "when #{provider}" do
289
+ before(:each) do
290
+ sorcery_controller_property_set(:register_login_time, true)
291
+ sorcery_controller_property_set(:register_logout_time, false)
292
+ sorcery_controller_property_set(:register_last_activity_time, false)
293
+ sorcery_controller_property_set(:register_last_ip_address, false)
294
+ stub_all_oauth2_requests!
295
+ sorcery_model_property_set(:authentications_class, Authentication)
296
+ end
297
+
298
+ it "registers login time" do
299
+ now = Time.now.in_time_zone
300
+ Timecop.freeze(now)
301
+ expect(User).to receive(:load_from_provider).and_return(user)
302
+ expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
303
+ get "test_login_from_#{provider}".to_sym
304
+ Timecop.return
305
+ end
306
+
307
+ it "does not register login time if configured so" do
308
+ sorcery_controller_property_set(:register_login_time, false)
309
+ now = Time.now.in_time_zone
310
+ Timecop.freeze(now)
311
+ expect(User).to receive(:load_from_provider).and_return(user)
312
+ expect(user).to receive(:set_last_login_at).never
313
+ get "test_login_from_#{provider}".to_sym
314
+
315
+ end
316
+ end
317
+ end
318
+ end
319
+
320
+ describe "OAuth with session timeout features" do
321
+ before(:all) do
322
+ sorcery_reload!([:session_timeout, :external])
323
+ end
324
+
325
+ let(:user) { double('user', id: 42) }
326
+
327
+ %w(facebook github google liveid vk salesforce).each do |provider|
328
+ context "when #{provider}" do
329
+ before(:each) do
330
+ sorcery_model_property_set(:authentications_class, Authentication)
331
+ sorcery_controller_property_set(:session_timeout,0.5)
332
+ stub_all_oauth2_requests!
333
+ end
334
+
335
+ after(:each) do
336
+ Timecop.return
337
+ end
338
+
339
+ it "does not reset session before session timeout" do
340
+ expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
341
+ get "test_login_from_#{provider}".to_sym
342
+
343
+ expect(session[:user_id]).not_to be_nil
344
+ expect(flash[:notice]).to eq "Success!"
345
+ end
346
+
347
+ it "resets session after session timeout" do
348
+ expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
349
+ get "test_login_from_#{provider}".to_sym
350
+ expect(session[:user_id]).to eq "42"
351
+ Timecop.travel(Time.now.in_time_zone+0.6)
352
+ get :test_should_be_logged_in
353
+
354
+ expect(session[:user_id]).to be_nil
355
+ expect(response).to be_a_redirect
356
+ end
357
+ end
358
+ end
359
+ end
360
+
361
+ def stub_all_oauth2_requests!
362
+ access_token = double(OAuth2::AccessToken)
363
+ allow(access_token).to receive(:token_param=)
364
+ response = double(OAuth2::Response)
365
+ allow(response).to receive(:body) { {
366
+ "id"=>"123",
367
+ "user_id"=>"123", # Needed for Salesforce
368
+ "name"=>"Noam Ben Ari",
369
+ "first_name"=>"Noam",
370
+ "last_name"=>"Ben Ari",
371
+ "link"=>"http://www.facebook.com/nbenari1",
372
+ "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"},
373
+ "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"},
374
+ "bio"=>"I'm a new daddy, and enjoying it!",
375
+ "gender"=>"male",
376
+ "email"=>"nbenari@gmail.com",
377
+ "timezone"=>2,
378
+ "locale"=>"en_US",
379
+ "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}],
380
+ "verified"=>true,
381
+ "updated_time"=>"2011-02-16T20:59:38+0000",
382
+ # response for VK auth
383
+ "response"=>[
384
+ {
385
+ "uid"=>"123",
386
+ "first_name"=>"Noam",
387
+ "last_name"=>"Ben Ari"
388
+ }
389
+ ]}.to_json }
390
+ allow(access_token).to receive(:get) { response }
391
+ allow(access_token).to receive(:token) { "187041a618229fdaf16613e96e1caabc1e86e46bbfad228de41520e63fe45873684c365a14417289599f3" }
392
+ # access_token params for VK auth
393
+ allow(access_token).to receive(:params) { { "user_id"=>"100500", "email"=>"nbenari@gmail.com" } }
394
+ allow_any_instance_of(OAuth2::Strategy::AuthCode).to receive(:get_token) { access_token }
395
+ end
396
+
397
+ def set_external_property
398
+ sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
399
+ sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
400
+ sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
401
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
402
+ sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
403
+ sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
404
+ sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
405
+ sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
406
+ sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
407
+ sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
408
+ sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
409
+ sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
410
+ sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
411
+ sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
412
+ sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
413
+ sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
414
+ sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
415
+ sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
416
+ sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
417
+ end
418
+
419
+ def provider_url(provider)
420
+ {
421
+ github: "https://github.com/login/oauth/authorize?client_id=#{::Sorcery::Controller::Config.github.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=&state=",
422
+ google: "https://accounts.google.com/o/oauth2/auth?client_id=#{::Sorcery::Controller::Config.google.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&state=",
423
+ liveid: "https://oauth.live.com/authorize?client_id=#{::Sorcery::Controller::Config.liveid.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=wl.basic+wl.emails+wl.offline_access&state=",
424
+ vk: "https://oauth.vk.com/authorize?client_id=#{::Sorcery::Controller::Config.vk.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.vk.scope}&state=",
425
+ salesforce: "https://login.salesforce.com/services/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.salesforce.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.salesforce.scope}&state="
426
+ }[provider]
427
+ end
428
+ end
429
+
@@ -0,0 +1,240 @@
1
+ require 'spec_helper'
2
+
3
+ # require 'shared_examples/controller_oauth_shared_examples'
4
+ require 'ostruct'
5
+
6
+ def stub_all_oauth_requests!
7
+ consumer = OAuth::Consumer.new("key","secret", :site => "http://myapi.com")
8
+ req_token = OAuth::RequestToken.new(consumer)
9
+ acc_token = OAuth::AccessToken.new(consumer)
10
+
11
+ response = OpenStruct.new()
12
+ response.body = {"following"=>false, "listed_count"=>0, "profile_link_color"=>"0084B4", "profile_image_url"=>"http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg", "description"=>"Programmer/Heavy Metal Fan/New Father", "status"=>{"text"=>"coming soon to sorcery gem: twitter and facebook authentication support.", "truncated"=>false, "favorited"=>false, "source"=>"web", "geo"=>nil, "in_reply_to_screen_name"=>nil, "in_reply_to_user_id"=>nil, "in_reply_to_status_id_str"=>nil, "created_at"=>"Sun Mar 06 23:01:12 +0000 2011", "contributors"=>nil, "place"=>nil, "retweeted"=>false, "in_reply_to_status_id"=>nil, "in_reply_to_user_id_str"=>nil, "coordinates"=>nil, "retweet_count"=>0, "id"=>44533012284706816, "id_str"=>"44533012284706816"}, "show_all_inline_media"=>false, "geo_enabled"=>true, "profile_sidebar_border_color"=>"a8c7f7", "url"=>nil, "followers_count"=>10, "screen_name"=>"nbenari", "profile_use_background_image"=>true, "location"=>"Israel", "statuses_count"=>25, "profile_background_color"=>"022330", "lang"=>"en", "verified"=>false, "notifications"=>false, "profile_background_image_url"=>"http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg", "favourites_count"=>5, "created_at"=>"Fri Nov 20 21:58:19 +0000 2009", "is_translator"=>false, "contributors_enabled"=>false, "protected"=>false, "follow_request_sent"=>false, "time_zone"=>"Greenland", "profile_text_color"=>"333333", "name"=>"Noam Ben Ari", "friends_count"=>10, "profile_sidebar_fill_color"=>"C0DFEC", "id"=>123, "id_str"=>"91434812", "profile_background_tile"=>false, "utc_offset"=>-10800}.to_json
13
+
14
+ session[:request_token] = req_token.token
15
+ session[:request_token_secret] = req_token.secret
16
+
17
+ allow(OAuth::Consumer).to receive(:new) { consumer }
18
+ allow(consumer).to receive(:get_request_token) { req_token }
19
+ allow(req_token).to receive(:get_access_token) { acc_token }
20
+ allow(OAuth::RequestToken).to receive(:new) { req_token }
21
+ allow(acc_token).to receive(:get) { response }
22
+ end
23
+
24
+ describe SorceryController do
25
+
26
+ let(:user) { double('user', id: 42) }
27
+
28
+ before(:all) do
29
+ sorcery_reload!([:external])
30
+ sorcery_controller_property_set(:external_providers, [:twitter, :jira])
31
+ sorcery_controller_external_property_set(:twitter, :key, "eYVNBjBDi33aa9GkA3w")
32
+ sorcery_controller_external_property_set(:twitter, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
33
+ sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
34
+
35
+ sorcery_controller_external_property_set(:jira, :key, "7810b8e317ebdc81601c72f8daecc0f1")
36
+ sorcery_controller_external_property_set(:jira, :secret, "MyAppUsingJira")
37
+ sorcery_controller_external_property_set(:jira, :site, "http://jira.mycompany.com/plugins/servlet/oauth")
38
+ sorcery_controller_external_property_set(:jira, :signature_method, "RSA-SHA1")
39
+ sorcery_controller_external_property_set(:jira, :private_key_file, "myrsakey.pem")
40
+ sorcery_controller_external_property_set(:jira, :callback_url, "http://myappusingjira.com/home")
41
+ end
42
+
43
+ # ----------------- OAuth -----------------------
44
+ describe SorceryController, "'using external API to login'" do
45
+
46
+ before(:each) do
47
+ stub_all_oauth_requests!
48
+ end
49
+
50
+ context "when callback_url begin with /" do
51
+ before do
52
+ sorcery_controller_external_property_set(:twitter, :callback_url, "/oauth/twitter/callback")
53
+ end
54
+ it "login_at redirects correctly" do
55
+ get :login_at_test
56
+ expect(response).to be_a_redirect
57
+ expect(response).to redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=")
58
+ end
59
+ after do
60
+ sorcery_controller_external_property_set(:twitter, :callback_url, "http://blabla.com")
61
+ end
62
+ end
63
+
64
+ context "when callback_url begin with http://" do
65
+ it "login_at redirects correctly", pending: true do
66
+ get :login_at_test
67
+ expect(response).to be_a_redirect
68
+ expect(response).to redirect_to("http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=")
69
+ end
70
+ end
71
+
72
+ it "logins if user exists" do
73
+ expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
74
+
75
+ get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
76
+ expect(flash[:notice]).to eq "Success!"
77
+ end
78
+
79
+ it "'login_from' fails if user doesn't exist" do
80
+ expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(nil)
81
+
82
+ get :test_login_from, :oauth_verifier => "blablaRERASDFcxvSDFA"
83
+ expect(flash[:alert]).to eq "Failed!"
84
+ end
85
+
86
+ it "on successful 'login_from' the user is redirected to the url he originally wanted" do
87
+ expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
88
+ get :test_return_to_with_external, {}, :return_to_url => "fuu"
89
+ expect(response).to redirect_to("fuu")
90
+ expect(flash[:notice]).to eq "Success!"
91
+ end
92
+
93
+ context "when jira" do
94
+ it "user logins successfully" do
95
+ get :login_at_test_jira
96
+ expect(session[:request_token]).not_to be_nil
97
+ expect(response).to be_a_redirect
98
+ end
99
+ end
100
+
101
+ end
102
+
103
+ describe SorceryController do
104
+ describe "using 'create_from'" do
105
+ before(:each) do
106
+ stub_all_oauth_requests!
107
+ end
108
+
109
+ it "creates a new user" do
110
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
111
+ expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
112
+ expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'nbenari'}).and_return(user)
113
+
114
+ get :test_create_from_provider, :provider => "twitter"
115
+ end
116
+
117
+ it "supports nested attributes" do
118
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text"})
119
+ expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
120
+ expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'coming soon to sorcery gem: twitter and facebook authentication support.'}).and_return(user)
121
+
122
+ get :test_create_from_provider, :provider => "twitter"
123
+ end
124
+
125
+ it "does not crash on missing nested attributes" do
126
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "status/text", :created_at => "does/not/exist"})
127
+ expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
128
+ expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'coming soon to sorcery gem: twitter and facebook authentication support.'}).and_return(user)
129
+
130
+ get :test_create_from_provider, :provider => "twitter"
131
+ end
132
+
133
+ it "binds new provider" do
134
+ sorcery_model_property_set(:authentications_class, UserProvider)
135
+
136
+ allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
137
+ allow(user).to receive(:username).and_return('bla@bla.com')
138
+ login_user(user)
139
+
140
+ expect(user).to receive(:add_provider_to_user).with('twitter', '123')
141
+ get :test_add_second_provider, :provider => "twitter"
142
+ end
143
+
144
+ describe "with a block" do
145
+ it "does not create user" do
146
+ sorcery_model_property_set(:authentications_class, Authentication)
147
+ sorcery_controller_external_property_set(:twitter, :user_info_mapping, {:username => "screen_name"})
148
+
149
+ u = double('user')
150
+ expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
151
+ expect(User).to receive(:create_from_provider).with('twitter', '123', {username: 'nbenari'}).and_return(u).and_yield(u)
152
+
153
+ get :test_create_from_provider_with_block, :provider => "twitter"
154
+ end
155
+
156
+ end
157
+ end
158
+ end
159
+
160
+ describe SorceryController, "OAuth with user activation features" do
161
+ before(:all) do
162
+ sorcery_reload!([:activity_logging, :external])
163
+ end
164
+
165
+ context "when twitter" do
166
+ before(:each) do
167
+ sorcery_controller_property_set(:register_login_time, true)
168
+ sorcery_controller_property_set(:register_logout_time, false)
169
+ sorcery_controller_property_set(:register_last_activity_time, false)
170
+ sorcery_controller_property_set(:register_last_ip_address, false)
171
+ stub_all_oauth_requests!
172
+ end
173
+
174
+ it "registers login time" do
175
+ now = Time.now.in_time_zone
176
+ Timecop.freeze(now)
177
+ expect(User).to receive(:load_from_provider).and_return(user)
178
+ expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
179
+ get :test_login_from
180
+ Timecop.return
181
+ end
182
+
183
+ it "does not register login time if configured so" do
184
+ sorcery_controller_property_set(:register_login_time, false)
185
+ now = Time.now.in_time_zone
186
+ Timecop.freeze(now)
187
+ expect(User).to receive(:load_from_provider).and_return(user)
188
+ expect(user).to receive(:set_last_login_at).never
189
+ get :test_login_from
190
+ Timecop.return
191
+ end
192
+ end
193
+ end
194
+
195
+ describe SorceryController, "OAuth with session timeout features" do
196
+ before(:all) do
197
+ if SORCERY_ORM == :active_record
198
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
199
+ User.reset_column_information
200
+ end
201
+
202
+ sorcery_reload!([:session_timeout, :external])
203
+ end
204
+
205
+ after(:all) do
206
+ if SORCERY_ORM == :active_record
207
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
208
+ end
209
+ end
210
+
211
+ context "when twitter" do
212
+ before(:each) do
213
+ sorcery_model_property_set(:authentications_class, Authentication)
214
+ sorcery_controller_property_set(:session_timeout,0.5)
215
+ stub_all_oauth_requests!
216
+ end
217
+
218
+ after(:each) do
219
+ Timecop.return
220
+ end
221
+
222
+ it "does not reset session before session timeout" do
223
+ expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
224
+ get :test_login_from
225
+
226
+ expect(session[:user_id]).not_to be_nil
227
+ expect(flash[:notice]).to eq "Success!"
228
+ end
229
+
230
+ it "resets session after session timeout" do
231
+ get :test_login_from
232
+ Timecop.travel(Time.now.in_time_zone+0.6)
233
+ get :test_should_be_logged_in
234
+
235
+ expect(session[:user_id]).to be_nil
236
+ expect(response).to be_a_redirect
237
+ end
238
+ end
239
+ end
240
+ end