sorcery 0.8.2 → 0.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (353) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +56 -0
  3. data/.travis.yml +130 -1
  4. data/CHANGELOG.md +270 -0
  5. data/Gemfile +17 -22
  6. data/README.md +371 -0
  7. data/Rakefile +3 -79
  8. data/gemfiles/active_record-rails40.gemfile +7 -0
  9. data/gemfiles/active_record-rails41.gemfile +7 -0
  10. data/gemfiles/mongo_mapper-rails40.gemfile +9 -0
  11. data/gemfiles/mongo_mapper-rails41.gemfile +9 -0
  12. data/gemfiles/mongoid-rails40.gemfile +9 -0
  13. data/gemfiles/mongoid-rails41.gemfile +9 -0
  14. data/gemfiles/mongoid3-rails32.gemfile +9 -0
  15. data/lib/generators/sorcery/USAGE +1 -1
  16. data/lib/generators/sorcery/helpers.rb +40 -0
  17. data/lib/generators/sorcery/install_generator.rb +38 -20
  18. data/lib/generators/sorcery/templates/initializer.rb +35 -10
  19. data/lib/generators/sorcery/templates/migration/activity_logging.rb +2 -11
  20. data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +3 -7
  21. data/lib/generators/sorcery/templates/migration/core.rb +5 -8
  22. data/lib/generators/sorcery/templates/migration/external.rb +3 -5
  23. data/lib/generators/sorcery/templates/migration/remember_me.rb +2 -9
  24. data/lib/generators/sorcery/templates/migration/reset_password.rb +2 -10
  25. data/lib/generators/sorcery/templates/migration/user_activation.rb +2 -10
  26. data/lib/sorcery/adapters/active_record_adapter.rb +120 -0
  27. data/lib/sorcery/adapters/base_adapter.rb +30 -0
  28. data/lib/sorcery/adapters/data_mapper_adapter.rb +176 -0
  29. data/lib/sorcery/adapters/mongo_mapper_adapter.rb +110 -0
  30. data/lib/sorcery/adapters/mongoid_adapter.rb +97 -0
  31. data/lib/sorcery/controller/config.rb +65 -0
  32. data/lib/sorcery/controller/submodules/activity_logging.rb +16 -21
  33. data/lib/sorcery/controller/submodules/brute_force_protection.rb +6 -6
  34. data/lib/sorcery/controller/submodules/external.rb +42 -43
  35. data/lib/sorcery/controller/submodules/remember_me.rb +5 -5
  36. data/lib/sorcery/controller/submodules/session_timeout.rb +11 -7
  37. data/lib/sorcery/controller.rb +22 -74
  38. data/lib/sorcery/model/config.rb +96 -0
  39. data/lib/sorcery/model/submodules/activity_logging.rb +30 -13
  40. data/lib/sorcery/model/submodules/brute_force_protection.rb +25 -27
  41. data/lib/sorcery/model/submodules/external.rb +53 -9
  42. data/lib/sorcery/model/submodules/remember_me.rb +15 -19
  43. data/lib/sorcery/model/submodules/reset_password.rb +36 -33
  44. data/lib/sorcery/model/submodules/user_activation.rb +51 -48
  45. data/lib/sorcery/model/temporary_token.rb +4 -4
  46. data/lib/sorcery/model.rb +81 -175
  47. data/lib/sorcery/protocols/oauth.rb +42 -0
  48. data/lib/sorcery/protocols/oauth2.rb +47 -0
  49. data/lib/sorcery/providers/base.rb +38 -0
  50. data/lib/sorcery/providers/facebook.rb +63 -0
  51. data/lib/sorcery/providers/github.rb +51 -0
  52. data/lib/sorcery/providers/google.rb +51 -0
  53. data/lib/sorcery/providers/heroku.rb +57 -0
  54. data/lib/sorcery/providers/jira.rb +77 -0
  55. data/lib/sorcery/providers/linkedin.rb +66 -0
  56. data/lib/sorcery/providers/liveid.rb +53 -0
  57. data/lib/sorcery/providers/salesforce.rb +50 -0
  58. data/lib/sorcery/providers/twitter.rb +59 -0
  59. data/lib/sorcery/providers/vk.rb +63 -0
  60. data/lib/sorcery/providers/xing.rb +64 -0
  61. data/lib/sorcery/test_helpers/internal/rails.rb +17 -6
  62. data/lib/sorcery/test_helpers/internal.rb +27 -6
  63. data/lib/sorcery/test_helpers/rails/controller.rb +21 -0
  64. data/lib/sorcery/test_helpers/rails/integration.rb +26 -0
  65. data/lib/sorcery/version.rb +3 -0
  66. data/lib/sorcery.rb +82 -58
  67. data/sorcery.gemspec +24 -362
  68. data/spec/active_record/user_activation_spec.rb +18 -0
  69. data/spec/active_record/user_activity_logging_spec.rb +17 -0
  70. data/spec/{rails3/spec → active_record}/user_brute_force_protection_spec.rb +6 -5
  71. data/spec/{rails3/spec → active_record}/user_oauth_spec.rb +6 -5
  72. data/spec/{rails3/spec → active_record}/user_remember_me_spec.rb +5 -4
  73. data/spec/{rails3/spec → active_record}/user_reset_password_spec.rb +7 -7
  74. data/spec/active_record/user_spec.rb +37 -0
  75. data/spec/controllers/controller_activity_logging_spec.rb +124 -0
  76. data/spec/controllers/controller_brute_force_protection_spec.rb +43 -0
  77. data/spec/controllers/controller_http_basic_auth_spec.rb +68 -0
  78. data/spec/controllers/controller_oauth2_spec.rb +414 -0
  79. data/spec/controllers/controller_oauth_spec.rb +240 -0
  80. data/spec/controllers/controller_remember_me_spec.rb +117 -0
  81. data/spec/controllers/controller_session_timeout_spec.rb +80 -0
  82. data/spec/controllers/controller_spec.rb +218 -0
  83. data/spec/data_mapper/user_activation_spec.rb +10 -0
  84. data/spec/data_mapper/user_activity_logging_spec.rb +14 -0
  85. data/spec/data_mapper/user_brute_force_protection_spec.rb +9 -0
  86. data/spec/data_mapper/user_oauth_spec.rb +9 -0
  87. data/spec/data_mapper/user_remember_me_spec.rb +8 -0
  88. data/spec/data_mapper/user_reset_password_spec.rb +8 -0
  89. data/spec/data_mapper/user_spec.rb +27 -0
  90. data/spec/mongo_mapper/user_activation_spec.rb +9 -0
  91. data/spec/mongo_mapper/user_activity_logging_spec.rb +8 -0
  92. data/spec/mongo_mapper/user_brute_force_protection_spec.rb +8 -0
  93. data/spec/mongo_mapper/user_oauth_spec.rb +8 -0
  94. data/spec/mongo_mapper/user_remember_me_spec.rb +8 -0
  95. data/spec/mongo_mapper/user_reset_password_spec.rb +8 -0
  96. data/spec/mongo_mapper/user_spec.rb +37 -0
  97. data/spec/mongoid/user_activation_spec.rb +9 -0
  98. data/spec/mongoid/user_activity_logging_spec.rb +8 -0
  99. data/spec/mongoid/user_brute_force_protection_spec.rb +8 -0
  100. data/spec/mongoid/user_oauth_spec.rb +8 -0
  101. data/spec/mongoid/user_remember_me_spec.rb +8 -0
  102. data/spec/mongoid/user_reset_password_spec.rb +8 -0
  103. data/spec/mongoid/user_spec.rb +51 -0
  104. data/spec/orm/active_record.rb +21 -0
  105. data/spec/orm/data_mapper.rb +48 -0
  106. data/spec/orm/mongo_mapper.rb +10 -0
  107. data/spec/orm/mongoid.rb +22 -0
  108. data/spec/{rails3/app/models → rails_app/app/active_record}/user.rb +1 -2
  109. data/spec/rails_app/app/active_record/user_provider.rb +3 -0
  110. data/spec/rails_app/app/controllers/sorcery_controller.rb +285 -0
  111. data/spec/rails_app/app/data_mapper/authentication.rb +8 -0
  112. data/spec/rails_app/app/data_mapper/user.rb +7 -0
  113. data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/user.rb +2 -0
  114. data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/user.rb +2 -0
  115. data/spec/{rails3_mongo_mapper → rails_app}/config/application.rb +13 -8
  116. data/spec/rails_app/config/boot.rb +4 -0
  117. data/spec/rails_app/config/database.yml +22 -0
  118. data/spec/{rails3_mongo_mapper → rails_app}/config/environments/test.rb +2 -0
  119. data/spec/{rails3_mongoid → rails_app}/config/initializers/session_store.rb +4 -0
  120. data/spec/rails_app/config/routes.rb +51 -0
  121. data/spec/{rails3_mongo_mapper → rails_app}/config.ru +1 -1
  122. data/spec/{rails3 → rails_app}/db/migrate/activation/20101224223622_add_activation_to_users.rb +3 -3
  123. data/spec/{rails3 → rails_app}/db/migrate/core/20101224223620_create_users.rb +2 -2
  124. data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +22 -0
  125. data/spec/rails_app/log/development.log +1791 -0
  126. data/spec/shared_examples/user_activation_shared_examples.rb +137 -98
  127. data/spec/shared_examples/user_activity_logging_shared_examples.rb +83 -15
  128. data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +140 -21
  129. data/spec/shared_examples/user_oauth_shared_examples.rb +21 -16
  130. data/spec/shared_examples/user_remember_me_shared_examples.rb +36 -24
  131. data/spec/shared_examples/user_reset_password_shared_examples.rb +163 -130
  132. data/spec/shared_examples/user_shared_examples.rb +355 -193
  133. data/spec/sorcery_crypto_providers_spec.rb +74 -72
  134. data/spec/spec_helper.rb +32 -4
  135. metadata +262 -508
  136. data/Gemfile.lock +0 -175
  137. data/README.rdoc +0 -261
  138. data/VERSION +0 -1
  139. data/lib/sorcery/controller/submodules/external/protocols/oauth1.rb +0 -46
  140. data/lib/sorcery/controller/submodules/external/protocols/oauth2.rb +0 -49
  141. data/lib/sorcery/controller/submodules/external/providers/base.rb +0 -21
  142. data/lib/sorcery/controller/submodules/external/providers/facebook.rb +0 -98
  143. data/lib/sorcery/controller/submodules/external/providers/github.rb +0 -92
  144. data/lib/sorcery/controller/submodules/external/providers/google.rb +0 -91
  145. data/lib/sorcery/controller/submodules/external/providers/linkedin.rb +0 -102
  146. data/lib/sorcery/controller/submodules/external/providers/liveid.rb +0 -92
  147. data/lib/sorcery/controller/submodules/external/providers/twitter.rb +0 -93
  148. data/lib/sorcery/controller/submodules/external/providers/vk.rb +0 -100
  149. data/lib/sorcery/controller/submodules/external/providers/xing.rb +0 -97
  150. data/lib/sorcery/model/adapters/active_record.rb +0 -49
  151. data/lib/sorcery/model/adapters/mongo_mapper.rb +0 -56
  152. data/lib/sorcery/model/adapters/mongoid.rb +0 -88
  153. data/lib/sorcery/test_helpers/rails.rb +0 -16
  154. data/lib/sorcery/test_helpers.rb +0 -5
  155. data/spec/Gemfile +0 -12
  156. data/spec/Gemfile.lock +0 -129
  157. data/spec/README.md +0 -31
  158. data/spec/Rakefile +0 -12
  159. data/spec/rails3/.gitignore +0 -4
  160. data/spec/rails3/.rspec +0 -1
  161. data/spec/rails3/Gemfile +0 -15
  162. data/spec/rails3/Gemfile.lock +0 -162
  163. data/spec/rails3/README +0 -256
  164. data/spec/rails3/Rakefile +0 -11
  165. data/spec/rails3/app/controllers/application_controller.rb +0 -208
  166. data/spec/rails3/config/application.rb +0 -46
  167. data/spec/rails3/config/boot.rb +0 -13
  168. data/spec/rails3/config/database.yml +0 -27
  169. data/spec/rails3/config/environments/development.rb +0 -26
  170. data/spec/rails3/config/environments/in_memory.rb +0 -35
  171. data/spec/rails3/config/environments/production.rb +0 -49
  172. data/spec/rails3/config/environments/test.rb +0 -35
  173. data/spec/rails3/config/initializers/session_store.rb +0 -8
  174. data/spec/rails3/config/routes.rb +0 -59
  175. data/spec/rails3/config.ru +0 -4
  176. data/spec/rails3/db/migrate/external/20101224223628_create_authentications.rb +0 -14
  177. data/spec/rails3/lib/tasks/.gitkeep +0 -0
  178. data/spec/rails3/public/404.html +0 -26
  179. data/spec/rails3/public/422.html +0 -26
  180. data/spec/rails3/public/500.html +0 -26
  181. data/spec/rails3/public/favicon.ico +0 -0
  182. data/spec/rails3/public/images/rails.png +0 -0
  183. data/spec/rails3/public/javascripts/application.js +0 -2
  184. data/spec/rails3/public/javascripts/controls.js +0 -965
  185. data/spec/rails3/public/javascripts/dragdrop.js +0 -974
  186. data/spec/rails3/public/javascripts/effects.js +0 -1123
  187. data/spec/rails3/public/javascripts/prototype.js +0 -6001
  188. data/spec/rails3/public/javascripts/rails.js +0 -175
  189. data/spec/rails3/public/robots.txt +0 -5
  190. data/spec/rails3/public/stylesheets/.gitkeep +0 -0
  191. data/spec/rails3/script/rails +0 -6
  192. data/spec/rails3/spec/controller_activity_logging_spec.rb +0 -130
  193. data/spec/rails3/spec/controller_brute_force_protection_spec.rb +0 -96
  194. data/spec/rails3/spec/controller_http_basic_auth_spec.rb +0 -50
  195. data/spec/rails3/spec/controller_oauth2_spec.rb +0 -380
  196. data/spec/rails3/spec/controller_oauth_spec.rb +0 -206
  197. data/spec/rails3/spec/controller_remember_me_spec.rb +0 -96
  198. data/spec/rails3/spec/controller_session_timeout_spec.rb +0 -55
  199. data/spec/rails3/spec/controller_spec.rb +0 -182
  200. data/spec/rails3/spec/integration_spec.rb +0 -23
  201. data/spec/rails3/spec/spec.opts +0 -2
  202. data/spec/rails3/spec/spec_helper.orig.rb +0 -27
  203. data/spec/rails3/spec/spec_helper.rb +0 -71
  204. data/spec/rails3/spec/user_activation_spec.rb +0 -16
  205. data/spec/rails3/spec/user_activity_logging_spec.rb +0 -8
  206. data/spec/rails3/spec/user_spec.rb +0 -36
  207. data/spec/rails3/vendor/plugins/.gitkeep +0 -0
  208. data/spec/rails3_mongo_mapper/.gitignore +0 -4
  209. data/spec/rails3_mongo_mapper/.rspec +0 -1
  210. data/spec/rails3_mongo_mapper/Gemfile +0 -16
  211. data/spec/rails3_mongo_mapper/Gemfile.lock +0 -156
  212. data/spec/rails3_mongo_mapper/Rakefile +0 -11
  213. data/spec/rails3_mongo_mapper/app/controllers/application_controller.rb +0 -122
  214. data/spec/rails3_mongo_mapper/app/helpers/application_helper.rb +0 -2
  215. data/spec/rails3_mongo_mapper/app/mailers/sorcery_mailer.rb +0 -25
  216. data/spec/rails3_mongo_mapper/app/views/layouts/application.html.erb +0 -14
  217. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.html.erb +0 -17
  218. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_email.text.erb +0 -9
  219. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
  220. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
  221. data/spec/rails3_mongo_mapper/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
  222. data/spec/rails3_mongo_mapper/config/boot.rb +0 -13
  223. data/spec/rails3_mongo_mapper/config/environment.rb +0 -5
  224. data/spec/rails3_mongo_mapper/config/environments/development.rb +0 -30
  225. data/spec/rails3_mongo_mapper/config/environments/in_memory.rb +0 -0
  226. data/spec/rails3_mongo_mapper/config/environments/production.rb +0 -49
  227. data/spec/rails3_mongo_mapper/config/initializers/backtrace_silencers.rb +0 -7
  228. data/spec/rails3_mongo_mapper/config/initializers/inflections.rb +0 -10
  229. data/spec/rails3_mongo_mapper/config/initializers/mime_types.rb +0 -5
  230. data/spec/rails3_mongo_mapper/config/initializers/mongo.rb +0 -2
  231. data/spec/rails3_mongo_mapper/config/initializers/secret_token.rb +0 -7
  232. data/spec/rails3_mongo_mapper/config/initializers/session_store.rb +0 -8
  233. data/spec/rails3_mongo_mapper/config/locales/en.yml +0 -5
  234. data/spec/rails3_mongo_mapper/config/routes.rb +0 -59
  235. data/spec/rails3_mongo_mapper/db/schema.rb +0 -23
  236. data/spec/rails3_mongo_mapper/db/seeds.rb +0 -7
  237. data/spec/rails3_mongo_mapper/lib/tasks/.gitkeep +0 -0
  238. data/spec/rails3_mongo_mapper/public/404.html +0 -26
  239. data/spec/rails3_mongo_mapper/public/422.html +0 -26
  240. data/spec/rails3_mongo_mapper/public/500.html +0 -26
  241. data/spec/rails3_mongo_mapper/public/favicon.ico +0 -0
  242. data/spec/rails3_mongo_mapper/public/images/rails.png +0 -0
  243. data/spec/rails3_mongo_mapper/public/javascripts/application.js +0 -2
  244. data/spec/rails3_mongo_mapper/public/javascripts/controls.js +0 -965
  245. data/spec/rails3_mongo_mapper/public/javascripts/dragdrop.js +0 -974
  246. data/spec/rails3_mongo_mapper/public/javascripts/effects.js +0 -1123
  247. data/spec/rails3_mongo_mapper/public/javascripts/prototype.js +0 -6001
  248. data/spec/rails3_mongo_mapper/public/javascripts/rails.js +0 -175
  249. data/spec/rails3_mongo_mapper/public/robots.txt +0 -5
  250. data/spec/rails3_mongo_mapper/public/stylesheets/.gitkeep +0 -0
  251. data/spec/rails3_mongo_mapper/script/rails +0 -6
  252. data/spec/rails3_mongo_mapper/spec/controller_spec.rb +0 -175
  253. data/spec/rails3_mongo_mapper/spec/spec.opts +0 -2
  254. data/spec/rails3_mongo_mapper/spec/spec_helper.orig.rb +0 -27
  255. data/spec/rails3_mongo_mapper/spec/spec_helper.rb +0 -55
  256. data/spec/rails3_mongo_mapper/spec/user_activation_spec.rb +0 -9
  257. data/spec/rails3_mongo_mapper/spec/user_activity_logging_spec.rb +0 -8
  258. data/spec/rails3_mongo_mapper/spec/user_brute_force_protection_spec.rb +0 -8
  259. data/spec/rails3_mongo_mapper/spec/user_oauth_spec.rb +0 -8
  260. data/spec/rails3_mongo_mapper/spec/user_remember_me_spec.rb +0 -8
  261. data/spec/rails3_mongo_mapper/spec/user_reset_password_spec.rb +0 -8
  262. data/spec/rails3_mongo_mapper/spec/user_spec.rb +0 -37
  263. data/spec/rails3_mongo_mapper/vendor/plugins/.gitkeep +0 -0
  264. data/spec/rails3_mongoid/.gitignore +0 -4
  265. data/spec/rails3_mongoid/.rspec +0 -1
  266. data/spec/rails3_mongoid/Gemfile +0 -15
  267. data/spec/rails3_mongoid/Gemfile.lock +0 -146
  268. data/spec/rails3_mongoid/Rakefile +0 -11
  269. data/spec/rails3_mongoid/app/controllers/application_controller.rb +0 -127
  270. data/spec/rails3_mongoid/app/helpers/application_helper.rb +0 -2
  271. data/spec/rails3_mongoid/app/mailers/sorcery_mailer.rb +0 -25
  272. data/spec/rails3_mongoid/app/views/layouts/application.html.erb +0 -14
  273. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.html.erb +0 -17
  274. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_email.text.erb +0 -9
  275. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.html.erb +0 -17
  276. data/spec/rails3_mongoid/app/views/sorcery_mailer/activation_success_email.text.erb +0 -9
  277. data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.html.erb +0 -16
  278. data/spec/rails3_mongoid/app/views/sorcery_mailer/reset_password_email.text.erb +0 -8
  279. data/spec/rails3_mongoid/config/application.rb +0 -51
  280. data/spec/rails3_mongoid/config/boot.rb +0 -13
  281. data/spec/rails3_mongoid/config/environment.rb +0 -5
  282. data/spec/rails3_mongoid/config/environments/development.rb +0 -26
  283. data/spec/rails3_mongoid/config/environments/in_memory.rb +0 -0
  284. data/spec/rails3_mongoid/config/environments/production.rb +0 -49
  285. data/spec/rails3_mongoid/config/environments/test.rb +0 -35
  286. data/spec/rails3_mongoid/config/initializers/backtrace_silencers.rb +0 -7
  287. data/spec/rails3_mongoid/config/initializers/inflections.rb +0 -10
  288. data/spec/rails3_mongoid/config/initializers/mime_types.rb +0 -5
  289. data/spec/rails3_mongoid/config/initializers/secret_token.rb +0 -7
  290. data/spec/rails3_mongoid/config/locales/en.yml +0 -5
  291. data/spec/rails3_mongoid/config/mongoid.yml +0 -7
  292. data/spec/rails3_mongoid/config/routes.rb +0 -59
  293. data/spec/rails3_mongoid/config.ru +0 -4
  294. data/spec/rails3_mongoid/db/schema.rb +0 -23
  295. data/spec/rails3_mongoid/db/seeds.rb +0 -7
  296. data/spec/rails3_mongoid/lib/tasks/.gitkeep +0 -0
  297. data/spec/rails3_mongoid/public/404.html +0 -26
  298. data/spec/rails3_mongoid/public/422.html +0 -26
  299. data/spec/rails3_mongoid/public/500.html +0 -26
  300. data/spec/rails3_mongoid/public/favicon.ico +0 -0
  301. data/spec/rails3_mongoid/public/images/rails.png +0 -0
  302. data/spec/rails3_mongoid/public/javascripts/application.js +0 -2
  303. data/spec/rails3_mongoid/public/javascripts/controls.js +0 -965
  304. data/spec/rails3_mongoid/public/javascripts/dragdrop.js +0 -974
  305. data/spec/rails3_mongoid/public/javascripts/effects.js +0 -1123
  306. data/spec/rails3_mongoid/public/javascripts/prototype.js +0 -6001
  307. data/spec/rails3_mongoid/public/javascripts/rails.js +0 -175
  308. data/spec/rails3_mongoid/public/robots.txt +0 -5
  309. data/spec/rails3_mongoid/public/stylesheets/.gitkeep +0 -0
  310. data/spec/rails3_mongoid/script/rails +0 -6
  311. data/spec/rails3_mongoid/spec/controller_activity_logging_spec.rb +0 -111
  312. data/spec/rails3_mongoid/spec/controller_spec.rb +0 -186
  313. data/spec/rails3_mongoid/spec/spec.opts +0 -2
  314. data/spec/rails3_mongoid/spec/spec_helper.orig.rb +0 -27
  315. data/spec/rails3_mongoid/spec/spec_helper.rb +0 -55
  316. data/spec/rails3_mongoid/spec/user_activation_spec.rb +0 -9
  317. data/spec/rails3_mongoid/spec/user_activity_logging_spec.rb +0 -8
  318. data/spec/rails3_mongoid/spec/user_brute_force_protection_spec.rb +0 -8
  319. data/spec/rails3_mongoid/spec/user_oauth_spec.rb +0 -8
  320. data/spec/rails3_mongoid/spec/user_remember_me_spec.rb +0 -8
  321. data/spec/rails3_mongoid/spec/user_reset_password_spec.rb +0 -8
  322. data/spec/rails3_mongoid/spec/user_spec.rb +0 -38
  323. data/spec/rails3_mongoid/vendor/plugins/.gitkeep +0 -0
  324. data/spec/shared_examples/controller_oauth2_shared_examples.rb +0 -56
  325. data/spec/shared_examples/controller_oauth_shared_examples.rb +0 -55
  326. /data/lib/sorcery/{controller/submodules/external/protocols → protocols}/certs/ca-bundle.crt +0 -0
  327. /data/spec/{rails3/app/models → rails_app/app/active_record}/authentication.rb +0 -0
  328. /data/spec/{rails3 → rails_app}/app/helpers/application_helper.rb +0 -0
  329. /data/spec/{rails3 → rails_app}/app/mailers/sorcery_mailer.rb +0 -0
  330. /data/spec/{rails3_mongo_mapper/app/models → rails_app/app/mongo_mapper}/authentication.rb +0 -0
  331. /data/spec/{rails3_mongoid/app/models → rails_app/app/mongoid}/authentication.rb +0 -0
  332. /data/spec/{rails3 → rails_app}/app/views/application/index.html.erb +0 -0
  333. /data/spec/{rails3 → rails_app}/app/views/layouts/application.html.erb +0 -0
  334. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.html.erb +0 -0
  335. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_email.text.erb +0 -0
  336. /data/spec/{rails3/app/views/sorcery_mailer/activation_success_email.html.erb → rails_app/app/views/sorcery_mailer/activation_needed_email.html.erb} +0 -0
  337. /data/spec/{rails3_mongo_mapper → rails_app}/app/views/sorcery_mailer/activation_success_email.html.erb +0 -0
  338. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/activation_success_email.text.erb +0 -0
  339. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.html.erb +0 -0
  340. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/reset_password_email.text.erb +0 -0
  341. /data/spec/{rails3 → rails_app}/app/views/sorcery_mailer/send_unlock_token_email.text.erb +0 -0
  342. /data/spec/{rails3 → rails_app}/config/environment.rb +0 -0
  343. /data/spec/{rails3 → rails_app}/config/initializers/backtrace_silencers.rb +0 -0
  344. /data/spec/{rails3 → rails_app}/config/initializers/inflections.rb +0 -0
  345. /data/spec/{rails3 → rails_app}/config/initializers/mime_types.rb +0 -0
  346. /data/spec/{rails3 → rails_app}/config/initializers/secret_token.rb +0 -0
  347. /data/spec/{rails3 → rails_app}/config/locales/en.yml +0 -0
  348. /data/spec/{rails3 → rails_app}/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +0 -0
  349. /data/spec/{rails3 → rails_app}/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +0 -0
  350. /data/spec/{rails3 → rails_app}/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +0 -0
  351. /data/spec/{rails3 → rails_app}/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +0 -0
  352. /data/spec/{rails3 → rails_app}/db/schema.rb +0 -0
  353. /data/spec/{rails3 → rails_app}/db/seeds.rb +0 -0
@@ -0,0 +1,124 @@
1
+ require 'spec_helper'
2
+
3
+ # require 'shared_examples/controller_activity_logging_shared_examples'
4
+
5
+ describe SorceryController do
6
+ after(:all) do
7
+ sorcery_controller_property_set(:register_login_time, true)
8
+ sorcery_controller_property_set(:register_logout_time, true)
9
+ sorcery_controller_property_set(:register_last_activity_time, true)
10
+ # sorcery_controller_property_set(:last_login_from_ip_address_name, true)
11
+ end
12
+
13
+ # ----------------- ACTIVITY LOGGING -----------------------
14
+ context "with activity logging features" do
15
+
16
+ let(:adapter) { double('sorcery_adapter') }
17
+ let(:user) { double('user', id: 42, sorcery_adapter: adapter) }
18
+
19
+ before(:all) do
20
+ sorcery_reload!([:activity_logging])
21
+ end
22
+
23
+ specify { expect(subject).to respond_to(:current_users) }
24
+
25
+ before(:each) do
26
+ allow(user).to receive(:username)
27
+ allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
28
+ allow(User.sorcery_config).to receive(:last_login_at_attribute_name) { :last_login_at }
29
+ allow(User.sorcery_config).to receive(:last_login_from_ip_address_name) { :last_login_from_ip_address }
30
+
31
+ sorcery_controller_property_set(:register_login_time, false)
32
+ sorcery_controller_property_set(:register_last_ip_address, false)
33
+ sorcery_controller_property_set(:register_last_activity_time, false)
34
+ end
35
+
36
+ it "'current_users' should proxy to User.current_users" do
37
+ expect(User).to receive(:current_users).with(no_args)
38
+
39
+ subject.current_users
40
+ end
41
+
42
+
43
+ it "logs login time on login" do
44
+ now = Time.now.in_time_zone
45
+ Timecop.freeze(now)
46
+
47
+ sorcery_controller_property_set(:register_login_time, true)
48
+ expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
49
+ login_user(user)
50
+
51
+ Timecop.return
52
+ end
53
+
54
+ it "logs logout time on logout" do
55
+ login_user(user)
56
+ now = Time.now.in_time_zone
57
+ Timecop.freeze(now)
58
+ expect(user).to receive(:set_last_logout_at).with(be_within(0.1).of(now))
59
+
60
+ logout_user
61
+
62
+ Timecop.return
63
+ end
64
+
65
+ it "logs last activity time when logged in" do
66
+ sorcery_controller_property_set(:register_last_activity_time, true)
67
+
68
+ login_user(user)
69
+ now = Time.now.in_time_zone
70
+ Timecop.freeze(now)
71
+ expect(user).to receive(:set_last_activity_at).with(be_within(0.1).of(now))
72
+
73
+ get :some_action
74
+
75
+ Timecop.return
76
+ end
77
+
78
+ it "logs last IP address when logged in" do
79
+ sorcery_controller_property_set(:register_last_ip_address, true)
80
+ expect(user).to receive(:set_last_ip_addess).with('0.0.0.0')
81
+
82
+ login_user(user)
83
+ end
84
+
85
+ it "updates nothing but activity fields" do
86
+ pending 'Move to model'
87
+ original_user_name = User.last.username
88
+ login_user(user)
89
+ get :some_action_making_a_non_persisted_change_to_the_user
90
+
91
+ expect(User.last.username).to eq original_user_name
92
+ end
93
+
94
+ it "does not register login time if configured so" do
95
+ sorcery_controller_property_set(:register_login_time, false)
96
+
97
+ expect(user).to receive(:set_last_login_at).never
98
+ login_user(user)
99
+ end
100
+
101
+ it "does not register logout time if configured so" do
102
+ sorcery_controller_property_set(:register_logout_time, false)
103
+ login_user(user)
104
+
105
+ expect(user).to receive(:set_last_logout_at).never
106
+ logout_user
107
+ end
108
+
109
+ it "does not register last activity time if configured so" do
110
+ sorcery_controller_property_set(:register_last_activity_time, false)
111
+
112
+ expect(user).to receive(:set_last_activity_at).never
113
+ login_user(user)
114
+ end
115
+
116
+ it "does not register last IP address if configured so" do
117
+ sorcery_controller_property_set(:register_last_ip_address, false)
118
+ expect(user).to receive(:set_last_ip_addess).never
119
+
120
+ login_user(user)
121
+ end
122
+
123
+ end
124
+ end
@@ -0,0 +1,43 @@
1
+ require 'spec_helper'
2
+
3
+ describe SorceryController do
4
+
5
+ let(:user) { double('user', id: 42, email: 'bla@bla.com') }
6
+
7
+ def request_test_login
8
+ get :test_login, email: 'bla@bla.com', password: 'blabla'
9
+ end
10
+
11
+ # ----------------- SESSION TIMEOUT -----------------------
12
+ describe "brute force protection features" do
13
+
14
+ before(:all) do
15
+ sorcery_reload!([:brute_force_protection])
16
+ end
17
+
18
+ after(:each) do
19
+ Sorcery::Controller::Config.reset!
20
+ sorcery_controller_property_set(:user_class, User)
21
+ Timecop.return
22
+ end
23
+
24
+ it "counts login retries" do
25
+ allow(User).to receive(:authenticate)
26
+ allow(User.sorcery_adapter).to receive(:find_by_credentials).with(['bla@bla.com', 'blabla']).and_return(user)
27
+
28
+ expect(user).to receive(:register_failed_login!).exactly(3).times
29
+
30
+ 3.times { request_test_login }
31
+ end
32
+
33
+ it "resets the counter on a good login" do
34
+ # dirty hack for rails 4
35
+ allow(@controller).to receive(:register_last_activity_time_to_db)
36
+
37
+ allow(User).to receive(:authenticate).and_return(user)
38
+ expect(user).to receive_message_chain(:sorcery_adapter, :update_attribute).with(:failed_logins_count, 0)
39
+
40
+ get :test_login, email: 'bla@bla.com', password: 'secret'
41
+ end
42
+ end
43
+ end
@@ -0,0 +1,68 @@
1
+ require 'spec_helper'
2
+
3
+ describe SorceryController do
4
+
5
+ let(:user) { double("user", id: 42, email: 'bla@bla.com') }
6
+
7
+ describe "with http basic auth features" do
8
+ before(:all) do
9
+ sorcery_reload!([:http_basic_auth])
10
+
11
+ sorcery_controller_property_set(:controller_to_realm_map, {"sorcery" => "sorcery"})
12
+ end
13
+
14
+ after(:each) do
15
+ logout_user
16
+ end
17
+
18
+ it "requests basic authentication when before_filter is used" do
19
+ get :test_http_basic_auth
20
+
21
+ expect(response.status).to eq 401
22
+ end
23
+
24
+ it "authenticates from http basic if credentials are sent" do
25
+ # dirty hack for rails 4
26
+ allow(subject).to receive(:register_last_activity_time_to_db)
27
+
28
+ @request.env["HTTP_AUTHORIZATION"] = "Basic #{Base64::encode64("#{user.email}:secret")}"
29
+ expect(User).to receive('authenticate').with('bla@bla.com', 'secret').and_return(user)
30
+ get :test_http_basic_auth, nil, http_authentication_used: true
31
+
32
+ expect(response).to be_a_success
33
+ end
34
+
35
+ it "fails authentication if credentials are wrong" do
36
+ @request.env["HTTP_AUTHORIZATION"] = "Basic #{Base64::encode64("#{user.email}:wrong!")}"
37
+ expect(User).to receive('authenticate').with('bla@bla.com', 'wrong!').and_return(nil)
38
+ get :test_http_basic_auth, nil, http_authentication_used: true
39
+
40
+ expect(response).to redirect_to root_url
41
+ end
42
+
43
+ it "allows configuration option 'controller_to_realm_map'" do
44
+ sorcery_controller_property_set(:controller_to_realm_map, {"1" => "2"})
45
+
46
+ expect(Sorcery::Controller::Config.controller_to_realm_map).to eq({"1" => "2"})
47
+ end
48
+
49
+ it "displays the correct realm name configured for the controller" do
50
+ sorcery_controller_property_set(:controller_to_realm_map, {"sorcery" => "Salad"})
51
+ get :test_http_basic_auth
52
+
53
+ expect(response.headers["WWW-Authenticate"]).to eq "Basic realm=\"Salad\""
54
+ end
55
+
56
+ it "signs in the user's session on successful login" do
57
+ # dirty hack for rails 4
58
+ allow(controller).to receive(:register_last_activity_time_to_db)
59
+
60
+ @request.env["HTTP_AUTHORIZATION"] = "Basic #{Base64::encode64("#{user.email}:secret")}"
61
+ expect(User).to receive('authenticate').with('bla@bla.com', 'secret').and_return(user)
62
+
63
+ get :test_http_basic_auth, nil, http_authentication_used: true
64
+
65
+ expect(session[:user_id]).to eq "42"
66
+ end
67
+ end
68
+ end
@@ -0,0 +1,414 @@
1
+ require 'spec_helper'
2
+
3
+ # require 'shared_examples/controller_oauth2_shared_examples'
4
+
5
+ describe SorceryController, :active_record => true do
6
+ before(:all) do
7
+ if SORCERY_ORM == :active_record
8
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
9
+ User.reset_column_information
10
+ end
11
+
12
+ sorcery_reload!([:external])
13
+ set_external_property
14
+ end
15
+
16
+ after(:all) do
17
+ if SORCERY_ORM == :active_record
18
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
19
+ end
20
+ end
21
+
22
+ describe 'using create_from' do
23
+ before(:each) do
24
+ stub_all_oauth2_requests!
25
+ end
26
+
27
+ it 'creates a new user' do
28
+ sorcery_model_property_set(:authentications_class, Authentication)
29
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
30
+
31
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
32
+ get :test_create_from_provider, provider: 'facebook'
33
+ end
34
+
35
+ it 'supports nested attributes' do
36
+ sorcery_model_property_set(:authentications_class, Authentication)
37
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'hometown/name' })
38
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Haifa, Israel'})
39
+
40
+ get :test_create_from_provider, provider: 'facebook'
41
+ end
42
+
43
+ it 'does not crash on missing nested attributes' do
44
+ sorcery_model_property_set(:authentications_class, Authentication)
45
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name', created_at: 'does/not/exist' })
46
+
47
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
48
+
49
+ get :test_create_from_provider, provider: 'facebook'
50
+ end
51
+
52
+ describe 'with a block' do
53
+ it 'does not create user' do
54
+ sorcery_model_property_set(:authentications_class, Authentication)
55
+ sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
56
+
57
+ u = double('user')
58
+ expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'}).and_return(u).and_yield(u)
59
+ # test_create_from_provider_with_block in controller will check for uniqueness of username
60
+ get :test_create_from_provider_with_block, provider: 'facebook'
61
+ end
62
+ end
63
+ end
64
+
65
+ # ----------------- OAuth -----------------------
66
+ context "with OAuth features" do
67
+
68
+ let(:user) { double('user', id: 42) }
69
+
70
+ before(:each) do
71
+ stub_all_oauth2_requests!
72
+ end
73
+
74
+ after(:each) do
75
+ User.sorcery_adapter.delete_all
76
+ Authentication.sorcery_adapter.delete_all
77
+ end
78
+
79
+ context "when callback_url begin with /" do
80
+ before do
81
+ sorcery_controller_external_property_set(:facebook, :callback_url, "/oauth/twitter/callback")
82
+ end
83
+ it "login_at redirects correctly" do
84
+ get :login_at_test_facebook
85
+ expect(response).to be_a_redirect
86
+ expect(response).to redirect_to("https://graph.facebook.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email%2Coffline_access&state=")
87
+ end
88
+ it "logins with state" do
89
+ get :login_at_test_with_state
90
+ expect(response).to be_a_redirect
91
+ expect(response).to redirect_to("https://graph.facebook.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email%2Coffline_access&state=bla")
92
+ end
93
+ after do
94
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
95
+ end
96
+ end
97
+
98
+ #this test can never pass because of the previous test (the callback url can't change anymore)
99
+ =begin
100
+ context "when callback_url begin with http://" do
101
+ it "login_at redirects correctly" do
102
+ create_new_user
103
+ get :login_at_test2
104
+ response.should be_a_redirect
105
+ response.should redirect_to("https://graph.facebook.com/oauth/authorize?response_type=code&client_id=#{::Sorcery::Controller::Config.facebook.key}&redirect_uri=http%3A%2F%2Fblabla.com&scope=email%2Coffline_access&display=page&state")
106
+ end
107
+ end
108
+ =end
109
+ it "'login_from' logins if user exists" do
110
+ # dirty hack for rails 4
111
+ allow(subject).to receive(:register_last_activity_time_to_db)
112
+
113
+ sorcery_model_property_set(:authentications_class, Authentication)
114
+ expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
115
+ get :test_login_from_facebook
116
+
117
+ expect(flash[:notice]).to eq "Success!"
118
+ end
119
+
120
+ it "'login_from' fails if user doesn't exist" do
121
+ sorcery_model_property_set(:authentications_class, Authentication)
122
+ expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(nil)
123
+ get :test_login_from_facebook
124
+
125
+ expect(flash[:alert]).to eq "Failed!"
126
+ end
127
+
128
+ it "on successful login_from the user is redirected to the url he originally wanted" do
129
+ # dirty hack for rails 4
130
+ allow(subject).to receive(:register_last_activity_time_to_db)
131
+
132
+ sorcery_model_property_set(:authentications_class, Authentication)
133
+ expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
134
+ get :test_return_to_with_external_facebook, {}, :return_to_url => "fuu"
135
+
136
+ expect(response).to redirect_to("fuu")
137
+ expect(flash[:notice]).to eq "Success!"
138
+ end
139
+
140
+ [:github, :google, :liveid, :vk, :salesforce].each do |provider|
141
+
142
+ describe "with #{provider}" do
143
+
144
+ it "login_at redirects correctly" do
145
+ get :"login_at_test_#{provider}"
146
+
147
+ expect(response).to be_a_redirect
148
+ expect(response).to redirect_to(provider_url provider)
149
+ end
150
+
151
+ it "'login_from' logins if user exists" do
152
+ # dirty hack for rails 4
153
+ allow(subject).to receive(:register_last_activity_time_to_db)
154
+
155
+ sorcery_model_property_set(:authentications_class, Authentication)
156
+ expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
157
+ get :"test_login_from_#{provider}"
158
+
159
+ expect(flash[:notice]).to eq "Success!"
160
+ end
161
+
162
+ it "'login_from' fails if user doesn't exist" do
163
+ sorcery_model_property_set(:authentications_class, Authentication)
164
+ expect(User).to receive(:load_from_provider).with(provider, '123').and_return(nil)
165
+ get :"test_login_from_#{provider}"
166
+
167
+ expect(flash[:alert]).to eq "Failed!"
168
+ end
169
+
170
+ it "on successful login_from the user is redirected to the url he originally wanted (#{provider})" do
171
+ # dirty hack for rails 4
172
+ allow(subject).to receive(:register_last_activity_time_to_db)
173
+
174
+ sorcery_model_property_set(:authentications_class, Authentication)
175
+ expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
176
+ get :"test_return_to_with_external_#{provider}", {}, :return_to_url => "fuu"
177
+
178
+ expect(response).to redirect_to "fuu"
179
+ expect(flash[:notice]).to eq "Success!"
180
+ end
181
+ end
182
+ end
183
+
184
+ end
185
+
186
+ describe "OAuth with User Activation features" do
187
+ before(:all) do
188
+ if SORCERY_ORM == :active_record
189
+ ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
190
+ end
191
+
192
+ sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
193
+ sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
194
+
195
+ sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
196
+ sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
197
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
198
+ sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
199
+ sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
200
+ sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
201
+ sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
202
+ sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
203
+ sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
204
+ sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
205
+ sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
206
+ sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
207
+ sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
208
+ sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
209
+ sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
210
+ sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
211
+ sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
212
+ sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
213
+ end
214
+
215
+ after(:all) do
216
+ if SORCERY_ORM == :active_record
217
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
218
+ end
219
+ end
220
+
221
+ after(:each) do
222
+ User.sorcery_adapter.delete_all
223
+ end
224
+
225
+ it "does not send activation email to external users" do
226
+ old_size = ActionMailer::Base.deliveries.size
227
+ create_new_external_user(:facebook)
228
+
229
+ expect(ActionMailer::Base.deliveries.size).to eq old_size
230
+ end
231
+
232
+ it "does not send external users an activation success email" do
233
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
234
+ create_new_external_user(:facebook)
235
+ old_size = ActionMailer::Base.deliveries.size
236
+ @user.activate!
237
+
238
+ expect(ActionMailer::Base.deliveries.size).to eq old_size
239
+ end
240
+
241
+ [:github, :google, :liveid, :vk, :salesforce].each do |provider|
242
+ it "does not send activation email to external users (#{provider})" do
243
+ old_size = ActionMailer::Base.deliveries.size
244
+ create_new_external_user provider
245
+ expect(ActionMailer::Base.deliveries.size).to eq old_size
246
+ end
247
+
248
+ it "does not send external users an activation success email (#{provider})" do
249
+ sorcery_model_property_set(:activation_success_email_method_name, nil)
250
+ create_new_external_user provider
251
+ old_size = ActionMailer::Base.deliveries.size
252
+ @user.activate!
253
+ end
254
+ end
255
+ end
256
+
257
+ describe "OAuth with user activation features" do
258
+
259
+ let(:user) { double('user', id: 42) }
260
+
261
+ before(:all) do
262
+ sorcery_reload!([:activity_logging, :external])
263
+ end
264
+
265
+ after(:all) do
266
+ if SORCERY_ORM == :active_record
267
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
268
+ ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activity_logging")
269
+ end
270
+ end
271
+
272
+ %w(facebook github google liveid vk salesforce).each do |provider|
273
+ context "when #{provider}" do
274
+ before(:each) do
275
+ sorcery_controller_property_set(:register_login_time, true)
276
+ sorcery_controller_property_set(:register_logout_time, false)
277
+ sorcery_controller_property_set(:register_last_activity_time, false)
278
+ sorcery_controller_property_set(:register_last_ip_address, false)
279
+ stub_all_oauth2_requests!
280
+ sorcery_model_property_set(:authentications_class, Authentication)
281
+ end
282
+
283
+ it "registers login time" do
284
+ now = Time.now.in_time_zone
285
+ Timecop.freeze(now)
286
+ expect(User).to receive(:load_from_provider).and_return(user)
287
+ expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
288
+ get "test_login_from_#{provider}".to_sym
289
+ Timecop.return
290
+ end
291
+
292
+ it "does not register login time if configured so" do
293
+ sorcery_controller_property_set(:register_login_time, false)
294
+ now = Time.now.in_time_zone
295
+ Timecop.freeze(now)
296
+ expect(User).to receive(:load_from_provider).and_return(user)
297
+ expect(user).to receive(:set_last_login_at).never
298
+ get "test_login_from_#{provider}".to_sym
299
+
300
+ end
301
+ end
302
+ end
303
+ end
304
+
305
+ describe "OAuth with session timeout features" do
306
+ before(:all) do
307
+ sorcery_reload!([:session_timeout, :external])
308
+ end
309
+
310
+ let(:user) { double('user', id: 42) }
311
+
312
+ %w(facebook github google liveid vk salesforce).each do |provider|
313
+ context "when #{provider}" do
314
+ before(:each) do
315
+ sorcery_model_property_set(:authentications_class, Authentication)
316
+ sorcery_controller_property_set(:session_timeout,0.5)
317
+ stub_all_oauth2_requests!
318
+ end
319
+
320
+ after(:each) do
321
+ Timecop.return
322
+ end
323
+
324
+ it "does not reset session before session timeout" do
325
+ expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
326
+ get "test_login_from_#{provider}".to_sym
327
+
328
+ expect(session[:user_id]).not_to be_nil
329
+ expect(flash[:notice]).to eq "Success!"
330
+ end
331
+
332
+ it "resets session after session timeout" do
333
+ expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
334
+ get "test_login_from_#{provider}".to_sym
335
+ expect(session[:user_id]).to eq "42"
336
+ Timecop.travel(Time.now.in_time_zone+0.6)
337
+ get :test_should_be_logged_in
338
+
339
+ expect(session[:user_id]).to be_nil
340
+ expect(response).to be_a_redirect
341
+ end
342
+ end
343
+ end
344
+ end
345
+
346
+ def stub_all_oauth2_requests!
347
+ access_token = double(OAuth2::AccessToken)
348
+ allow(access_token).to receive(:token_param=)
349
+ response = double(OAuth2::Response)
350
+ allow(response).to receive(:body) { {
351
+ "id"=>"123",
352
+ "user_id"=>"123", # Needed for Salesforce
353
+ "name"=>"Noam Ben Ari",
354
+ "first_name"=>"Noam",
355
+ "last_name"=>"Ben Ari",
356
+ "link"=>"http://www.facebook.com/nbenari1",
357
+ "hometown"=>{"id"=>"110619208966868", "name"=>"Haifa, Israel"},
358
+ "location"=>{"id"=>"106906559341067", "name"=>"Pardes Hanah, Hefa, Israel"},
359
+ "bio"=>"I'm a new daddy, and enjoying it!",
360
+ "gender"=>"male",
361
+ "email"=>"nbenari@gmail.com",
362
+ "timezone"=>2,
363
+ "locale"=>"en_US",
364
+ "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}],
365
+ "verified"=>true,
366
+ "updated_time"=>"2011-02-16T20:59:38+0000",
367
+ # response for VK auth
368
+ "response"=>[
369
+ {
370
+ "uid"=>"123",
371
+ "first_name"=>"Noam",
372
+ "last_name"=>"Ben Ari"
373
+ }
374
+ ]}.to_json }
375
+ allow(access_token).to receive(:get) { response }
376
+ allow(access_token).to receive(:token) { "187041a618229fdaf16613e96e1caabc1e86e46bbfad228de41520e63fe45873684c365a14417289599f3" }
377
+ # access_token params for VK auth
378
+ allow(access_token).to receive(:params) { { "user_id"=>"100500", "email"=>"nbenari@gmail.com" } }
379
+ allow_any_instance_of(OAuth2::Strategy::AuthCode).to receive(:get_token) { access_token }
380
+ end
381
+
382
+ def set_external_property
383
+ sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
384
+ sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
385
+ sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
386
+ sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
387
+ sorcery_controller_external_property_set(:github, :key, "eYVNBjBDi33aa9GkA3w")
388
+ sorcery_controller_external_property_set(:github, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
389
+ sorcery_controller_external_property_set(:github, :callback_url, "http://blabla.com")
390
+ sorcery_controller_external_property_set(:google, :key, "eYVNBjBDi33aa9GkA3w")
391
+ sorcery_controller_external_property_set(:google, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
392
+ sorcery_controller_external_property_set(:google, :callback_url, "http://blabla.com")
393
+ sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
394
+ sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
395
+ sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
396
+ sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
397
+ sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
398
+ sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
399
+ sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
400
+ sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
401
+ sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
402
+ end
403
+
404
+ def provider_url(provider)
405
+ {
406
+ github: "https://github.com/login/oauth/authorize?client_id=#{::Sorcery::Controller::Config.github.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=&state=",
407
+ google: "https://accounts.google.com/o/oauth2/auth?client_id=#{::Sorcery::Controller::Config.google.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&state=",
408
+ liveid: "https://oauth.live.com/authorize?client_id=#{::Sorcery::Controller::Config.liveid.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=wl.basic+wl.emails+wl.offline_access&state=",
409
+ vk: "https://oauth.vk.com/authorize?client_id=#{::Sorcery::Controller::Config.vk.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.vk.scope}&state=",
410
+ salesforce: "https://login.salesforce.com/services/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.salesforce.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.salesforce.scope}&state="
411
+ }[provider]
412
+ end
413
+ end
414
+