sorcery 0.8.6 → 0.9.0

data/lib/sorcery/providers/liveid.rb

@@ -26,7 +26,7 @@ module Sorcery
         access_token.token_param = 'access_token'
         response = access_token.get(user_info_url)
 
-        {}.tap do |h|
+        auth_hash(access_token).tap do |h|
           h[:user_info] = JSON.parse(response.body)
           h[:uid] = h[:user_info]['id']
         end

data/lib/sorcery/providers/salesforce.rb

@@ -0,0 +1,50 @@
+module Sorcery
+  module Providers
+    # This class adds support for OAuth with salesforce.com.
+    #
+    #   config.salesforce.key = <key>
+    #   config.salesforce.secret = <secret>
+    #   ...
+    #
+    class Salesforce < Base
+
+      include Protocols::Oauth2
+
+      attr_accessor :auth_url, :token_url, :scope
+
+      def initialize
+        super
+
+        @site          = 'https://login.salesforce.com'
+        @auth_url      = '/services/oauth2/authorize'
+        @token_url     = '/services/oauth2/token'
+      end
+
+      def get_user_hash(access_token)
+        user_info_url = access_token.params['id']
+        response = access_token.get(user_info_url)
+
+        auth_hash(access_token).tap do |h|
+          h[:user_info] = JSON.parse(response.body)
+          h[:uid] = h[:user_info]['user_id']
+        end
+      end
+
+      # calculates and returns the url to which the user should be redirected,
+      # to get authenticated at the external provider's site.
+      def login_url(params, session)
+        authorize_url({ authorize_url: auth_url })
+      end
+
+      # tries to login the user from access token
+      def process_callback(params, session)
+        args = {}.tap do |a|
+          a[:code] = params[:code] if params[:code]
+        end
+
+        get_access_token(args, token_url: token_url, token_method: :post)
+      end
+
+    end
+  end
+end

data/lib/sorcery/providers/twitter.rb

@@ -27,7 +27,7 @@ module Sorcery
       def get_user_hash(access_token)
         response = access_token.get(user_info_path)
 
-        {}.tap do |h|
+        auth_hash(access_token).tap do |h|
           h[:user_info] = JSON.parse(response.body)
           h[:uid] = h[:user_info]['id'].to_s
         end

data/lib/sorcery/providers/vk.rb

@@ -19,24 +19,26 @@ module Sorcery
         @user_info_url  = 'https://api.vk.com/method/getProfiles'
         @auth_path      = '/authorize'
         @token_path     = '/access_token'
-        @scope          = ''
+        @scope          = 'email'
       end
 
       def get_user_hash(access_token)
-        user_hash = {}
+        user_hash = auth_hash(access_token)
 
         params = {
           access_token: access_token.token,
           uids:         access_token.params['user_id'],
           fields:       user_info_mapping.values.join(','),
-          scope:        scope,
+          scope:        scope
         }
 
         response = access_token.get(user_info_url, params: params)
         if user_hash[:user_info] = JSON.parse(response.body)
           user_hash[:user_info] = user_hash[:user_info]['response'][0]
-          user_hash[:user_info]['full_name'] = [user_hash[:user_info]['first_name'], user_hash[:user_info]['last_name']].join
+          user_hash[:user_info]['full_name'] = [user_hash[:user_info]['first_name'], user_hash[:user_info]['last_name']].join(' ')
+
           user_hash[:uid] = user_hash[:user_info]['uid']
+          user_hash[:user_info]['email'] = access_token.params['email']
         end
         user_hash
       end

data/lib/sorcery/providers/xing.rb

@@ -32,7 +32,7 @@ module Sorcery
       def get_user_hash(access_token)
         response = access_token.get(user_info_path)
 
-        {}.tap do |h|
+        auth_hash(access_token).tap do |h|
           h[:user_info] = JSON.parse(response.body)['users'].first
           h[:uid] = user_hash[:user_info]['id'].to_s
         end

data/lib/sorcery/test_helpers/internal.rb

@@ -30,14 +30,14 @@ module Sorcery
 
       def create_new_user(attributes_hash = nil)
         @user = build_new_user(attributes_hash)
-        @user.sorcery_save(:raise_on_failure => true)
+        @user.sorcery_adapter.save(:raise_on_failure => true)
         @user
       end
 
       def create_new_external_user(provider, attributes_hash = nil)
         user_attributes_hash = attributes_hash || {:username => 'gizmo'}
         @user = User.new(user_attributes_hash)
-        @user.sorcery_save(:raise_on_failure => true)
+        @user.sorcery_adapter.save(:raise_on_failure => true)
         @user.authentications.create!({:provider => provider, :uid => 123})
         @user
       end
@@ -47,7 +47,7 @@ module Sorcery
 
         user_attributes_hash = attributes_hash || {:username => 'gizmo'}
         @user = User.new(user_attributes_hash)
-        @user.sorcery_save(:raise_on_failure => true)
+        @user.sorcery_adapter.save(:raise_on_failure => true)
         @user.send(authentication_association).create!({:provider => provider, :uid => 123})
         @user
       end
@@ -58,6 +58,10 @@ module Sorcery
         end
       end
 
+      def update_model(&block)
+        User.class_exec(&block)
+      end
+
       private
 
       # reload user class between specs

data/lib/sorcery/test_helpers/rails/controller.rb

@@ -1,7 +1,7 @@
 module Sorcery
   module TestHelpers
     module Rails
-      module Controller 
+      module Controller
         def login_user(user = nil, test_context = {})
           user ||= @user
           @controller.send(:auto_login, user)
@@ -11,6 +11,10 @@ module Sorcery
         def logout_user
           @controller.send(:logout)
         end
+
+        def logged_in?
+          @controller.send(:logged_in?)
+        end
       end
     end
   end

data/lib/sorcery/version.rb

@@ -0,0 +1,3 @@
+module Sorcery
+  VERSION = "0.9.0"
+end

data/sorcery.gemspec

@@ -1,6 +1,10 @@
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'sorcery/version'
+
 Gem::Specification.new do |s|
   s.name = "sorcery"
-  s.version = "0.8.6"
+  s.version = Sorcery::VERSION
   s.authors = ["Noam Ben Ari", "Kir Shatrov", "Grzegorz Witek"]
   s.email = "nbenari@gmail.com"
   s.description = "Provides common authentication needs such as signing in/out, activating by email and resetting password."
@@ -15,7 +19,7 @@ Gem::Specification.new do |s|
   s.required_ruby_version = '>= 1.9.3'
 
   s.add_dependency "oauth", "~> 0.4", ">= 0.4.4"
-  s.add_dependency "oauth2", ">= 0.8.0", "< 1.0.0"
+  s.add_dependency "oauth2", ">= 0.8.0"
   s.add_dependency "bcrypt", "~> 3.1"
 
   s.add_development_dependency "abstract", ">= 1.0.0"

data/spec/active_record/user_activity_logging_spec.rb

@@ -3,6 +3,15 @@ require 'shared_examples/user_activity_logging_shared_examples'
 
 describe User, "with activity logging submodule", :active_record => true do
 
+  before(:all) do
+    ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activity_logging")
+    User.reset_column_information
+  end
+
+  after(:all) do
+    ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activity_logging")
+  end
+
   it_behaves_like "rails_3_activity_logging_model"
 
 end

data/spec/controllers/controller_activity_logging_spec.rb

@@ -0,0 +1,124 @@
+require 'spec_helper'
+
+# require 'shared_examples/controller_activity_logging_shared_examples'
+
+describe SorceryController do
+  after(:all) do
+    sorcery_controller_property_set(:register_login_time, true)
+    sorcery_controller_property_set(:register_logout_time, true)
+    sorcery_controller_property_set(:register_last_activity_time, true)
+    # sorcery_controller_property_set(:last_login_from_ip_address_name, true)
+  end
+
+  # ----------------- ACTIVITY LOGGING -----------------------
+  context "with activity logging features" do
+
+    let(:adapter) { double('sorcery_adapter') }
+    let(:user) { double('user', id: 42, sorcery_adapter: adapter) }
+
+    before(:all) do
+      sorcery_reload!([:activity_logging])
+    end
+
+    specify { expect(subject).to respond_to(:current_users) }
+
+    before(:each) do
+      allow(user).to receive(:username)
+      allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
+      allow(User.sorcery_config).to receive(:last_login_at_attribute_name) { :last_login_at }
+      allow(User.sorcery_config).to receive(:last_login_from_ip_address_name) { :last_login_from_ip_address }
+
+      sorcery_controller_property_set(:register_login_time, false)
+      sorcery_controller_property_set(:register_last_ip_address, false)
+      sorcery_controller_property_set(:register_last_activity_time, false)
+    end
+
+    it "'current_users' should proxy to User.current_users" do
+      expect(User).to receive(:current_users).with(no_args)
+
+      subject.current_users
+    end
+
+
+    it "logs login time on login" do
+      now = Time.now.in_time_zone
+      Timecop.freeze(now)
+
+      sorcery_controller_property_set(:register_login_time, true)
+      expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
+      login_user(user)
+
+      Timecop.return
+    end
+
+    it "logs logout time on logout" do
+      login_user(user)
+      now = Time.now.in_time_zone
+      Timecop.freeze(now)
+      expect(user).to receive(:set_last_logout_at).with(be_within(0.1).of(now))
+
+      logout_user
+
+      Timecop.return
+    end
+
+    it "logs last activity time when logged in" do
+      sorcery_controller_property_set(:register_last_activity_time, true)
+
+      login_user(user)
+      now = Time.now.in_time_zone
+      Timecop.freeze(now)
+      expect(user).to receive(:set_last_activity_at).with(be_within(0.1).of(now))
+
+      get :some_action
+
+      Timecop.return
+    end
+
+    it "logs last IP address when logged in" do
+      sorcery_controller_property_set(:register_last_ip_address, true)
+      expect(user).to receive(:set_last_ip_addess).with('0.0.0.0')
+
+      login_user(user)
+    end
+
+    it "updates nothing but activity fields" do
+      pending 'Move to model'
+      original_user_name = User.last.username
+      login_user(user)
+      get :some_action_making_a_non_persisted_change_to_the_user
+
+      expect(User.last.username).to eq original_user_name
+    end
+
+    it "does not register login time if configured so" do
+      sorcery_controller_property_set(:register_login_time, false)
+
+      expect(user).to receive(:set_last_login_at).never
+      login_user(user)
+    end
+
+    it "does not register logout time if configured so" do
+      sorcery_controller_property_set(:register_logout_time, false)
+      login_user(user)
+
+      expect(user).to receive(:set_last_logout_at).never
+      logout_user
+    end
+
+    it "does not register last activity time if configured so" do
+      sorcery_controller_property_set(:register_last_activity_time, false)
+
+      expect(user).to receive(:set_last_activity_at).never
+      login_user(user)
+    end
+
+    it "does not register last IP address if configured so" do
+      sorcery_controller_property_set(:register_last_ip_address, false)
+      expect(user).to receive(:set_last_ip_addess).never
+
+      login_user(user)
+    end
+
+  end
+end

data/spec/controllers/controller_brute_force_protection_spec.rb

@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe SorceryController do
+
+  let(:user) { double('user', id: 42, email: 'bla@bla.com') }
+
+  def request_test_login
+    get :test_login, email: 'bla@bla.com', password: 'blabla'
+  end
+
+  # ----------------- SESSION TIMEOUT -----------------------
+  describe "brute force protection features" do
+
+    before(:all) do
+      sorcery_reload!([:brute_force_protection])
+    end
+
+    after(:each) do
+      Sorcery::Controller::Config.reset!
+      sorcery_controller_property_set(:user_class, User)
+      Timecop.return
+    end
+
+    it "counts login retries" do
+      allow(User).to receive(:authenticate)
+      allow(User.sorcery_adapter).to receive(:find_by_credentials).with(['bla@bla.com', 'blabla']).and_return(user)
+
+      expect(user).to receive(:register_failed_login!).exactly(3).times
+
+      3.times { request_test_login }
+    end
+
+    it "resets the counter on a good login" do
+      # dirty hack for rails 4
+      allow(@controller).to receive(:register_last_activity_time_to_db)
+
+      allow(User).to receive(:authenticate).and_return(user)
+      expect(user).to receive_message_chain(:sorcery_adapter, :update_attribute).with(:failed_logins_count, 0)
+
+      get :test_login, email: 'bla@bla.com', password: 'secret'
+    end
+  end
+end

data/spec/{active_record → controllers}/controller_http_basic_auth_spec.rb

@@ -1,10 +1,9 @@
 require 'spec_helper'
 
-describe SorceryController, :active_record => true do
+describe SorceryController do
 
-  let!(:user) { create_new_user }
+  let(:user) { double("user", id: 42, email: 'bla@bla.com') }
 
-  # ----------------- HTTP BASIC AUTH -----------------------
   describe  "with http basic auth features" do
     before(:all) do
       sorcery_reload!([:http_basic_auth])
@@ -19,22 +18,24 @@ describe SorceryController, :active_record => true do
     it "requests basic authentication when before_filter is used" do
       get :test_http_basic_auth
 
-      expect(response.code).to eq "401"
+      expect(response.status).to eq 401
     end
 
     it "authenticates from http basic if credentials are sent" do
       # dirty hack for rails 4
       allow(subject).to receive(:register_last_activity_time_to_db)
 
-      @request.env["HTTP_AUTHORIZATION"] = "Basic " + Base64::encode64("#{user.email}:secret")
-      get :test_http_basic_auth, nil, :http_authentication_used => true
+      @request.env["HTTP_AUTHORIZATION"] = "Basic #{Base64::encode64("#{user.email}:secret")}"
+      expect(User).to receive('authenticate').with('bla@bla.com', 'secret').and_return(user)
+      get :test_http_basic_auth, nil, http_authentication_used: true
 
       expect(response).to be_a_success
     end
 
     it "fails authentication if credentials are wrong" do
-      @request.env["HTTP_AUTHORIZATION"] = "Basic " + Base64::encode64("#{user.email}:wrong!")
-      get :test_http_basic_auth, nil, :http_authentication_used => true
+      @request.env["HTTP_AUTHORIZATION"] = "Basic #{Base64::encode64("#{user.email}:wrong!")}"
+      expect(User).to receive('authenticate').with('bla@bla.com', 'wrong!').and_return(nil)
+      get :test_http_basic_auth, nil, http_authentication_used: true
 
       expect(response).to redirect_to root_url
     end
@@ -56,10 +57,12 @@ describe SorceryController, :active_record => true do
       # dirty hack for rails 4
       allow(controller).to receive(:register_last_activity_time_to_db)
 
-      @request.env["HTTP_AUTHORIZATION"] = "Basic " + Base64::encode64("#{user.email}:secret")
-      get :test_http_basic_auth, nil, :http_authentication_used => true
+      @request.env["HTTP_AUTHORIZATION"] = "Basic #{Base64::encode64("#{user.email}:secret")}"
+      expect(User).to receive('authenticate').with('bla@bla.com', 'secret').and_return(user)
 
-      expect(session[:user_id]).to be User.find_by_email(user.email).id
+      get :test_http_basic_auth, nil, http_authentication_used: true
+
+      expect(session[:user_id]).to eq "42"
     end
   end
 end

data/spec/{active_record → controllers}/controller_oauth2_spec.rb

@@ -1,32 +1,79 @@
 require 'spec_helper'
 
-require 'shared_examples/controller_oauth2_shared_examples'
+# require 'shared_examples/controller_oauth2_shared_examples'
 
 describe SorceryController, :active_record => true do
   before(:all) do
-    ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
-    User.reset_column_information
+    if SORCERY_ORM == :active_record
+      ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
+      User.reset_column_information
+    end
 
     sorcery_reload!([:external])
     set_external_property
   end
 
   after(:all) do
-    ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
+    if SORCERY_ORM == :active_record
+      ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
+    end
   end
 
-  it_behaves_like "oauth2_controller"
+  describe 'using create_from' do
+    before(:each) do
+      stub_all_oauth2_requests!
+    end
+
+    it 'creates a new user' do
+      sorcery_model_property_set(:authentications_class, Authentication)
+      sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
+
+      expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
+      get :test_create_from_provider, provider: 'facebook'
+    end
+
+    it 'supports nested attributes' do
+      sorcery_model_property_set(:authentications_class, Authentication)
+      sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'hometown/name' })
+      expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Haifa, Israel'})
+
+      get :test_create_from_provider, provider: 'facebook'
+    end
+
+    it 'does not crash on missing nested attributes' do
+      sorcery_model_property_set(:authentications_class, Authentication)
+      sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name', created_at: 'does/not/exist' })
+
+      expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'})
+
+      get :test_create_from_provider, provider: 'facebook'
+    end
+
+    describe 'with a block' do
+      it 'does not create user' do
+        sorcery_model_property_set(:authentications_class, Authentication)
+        sorcery_controller_external_property_set(:facebook, :user_info_mapping, { username: 'name' })
+
+        u = double('user')
+        expect(User).to receive(:create_from_provider).with('facebook', '123', {username: 'Noam Ben Ari'}).and_return(u).and_yield(u)
+        # test_create_from_provider_with_block in controller will check for uniqueness of username
+        get :test_create_from_provider_with_block, provider: 'facebook'
+      end
+    end
+  end
 
   # ----------------- OAuth -----------------------
   context "with OAuth features" do
 
+    let(:user) { double('user', id: 42) }
+
     before(:each) do
       stub_all_oauth2_requests!
     end
 
     after(:each) do
-      User.delete_all
-      Authentication.delete_all
+      User.sorcery_adapter.delete_all
+      Authentication.sorcery_adapter.delete_all
     end
 
     context "when callback_url begin with /" do
@@ -34,13 +81,11 @@ describe SorceryController, :active_record => true do
         sorcery_controller_external_property_set(:facebook, :callback_url, "/oauth/twitter/callback")
       end
       it "login_at redirects correctly" do
-        create_new_user
         get :login_at_test_facebook
         expect(response).to be_a_redirect
         expect(response).to redirect_to("https://graph.facebook.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email%2Coffline_access&state=")
       end
       it "logins with state" do
-        create_new_user
         get :login_at_test_with_state
         expect(response).to be_a_redirect
         expect(response).to redirect_to("https://graph.facebook.com/oauth/authorize?client_id=#{::Sorcery::Controller::Config.facebook.key}&display=page&redirect_uri=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&response_type=code&scope=email%2Coffline_access&state=bla")
@@ -66,7 +111,7 @@ describe SorceryController, :active_record => true do
       allow(subject).to receive(:register_last_activity_time_to_db)
 
       sorcery_model_property_set(:authentications_class, Authentication)
-      create_new_external_user(:facebook)
+      expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
       get :test_login_from_facebook
 
       expect(flash[:notice]).to eq "Success!"
@@ -74,7 +119,7 @@ describe SorceryController, :active_record => true do
 
     it "'login_from' fails if user doesn't exist" do
       sorcery_model_property_set(:authentications_class, Authentication)
-      create_new_user
+      expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(nil)
       get :test_login_from_facebook
 
       expect(flash[:alert]).to eq "Failed!"
@@ -85,19 +130,18 @@ describe SorceryController, :active_record => true do
       allow(subject).to receive(:register_last_activity_time_to_db)
 
       sorcery_model_property_set(:authentications_class, Authentication)
-      create_new_external_user(:facebook)
+      expect(User).to receive(:load_from_provider).with(:facebook, '123').and_return(user)
       get :test_return_to_with_external_facebook, {}, :return_to_url => "fuu"
 
       expect(response).to redirect_to("fuu")
       expect(flash[:notice]).to eq "Success!"
     end
 
-    [:github, :google, :liveid].each do |provider|
+    [:github, :google, :liveid, :vk, :salesforce].each do |provider|
 
       describe "with #{provider}" do
 
         it "login_at redirects correctly" do
-          create_new_user
           get :"login_at_test_#{provider}"
 
           expect(response).to be_a_redirect
@@ -109,7 +153,7 @@ describe SorceryController, :active_record => true do
           allow(subject).to receive(:register_last_activity_time_to_db)
 
           sorcery_model_property_set(:authentications_class, Authentication)
-          create_new_external_user(provider)
+          expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
           get :"test_login_from_#{provider}"
 
           expect(flash[:notice]).to eq "Success!"
@@ -117,18 +161,18 @@ describe SorceryController, :active_record => true do
 
         it "'login_from' fails if user doesn't exist" do
           sorcery_model_property_set(:authentications_class, Authentication)
-          create_new_user
+          expect(User).to receive(:load_from_provider).with(provider, '123').and_return(nil)
           get :"test_login_from_#{provider}"
 
           expect(flash[:alert]).to eq "Failed!"
         end
 
-        it "on successful login_from the user is redirected to the url he originally wanted (github)" do
+        it "on successful login_from the user is redirected to the url he originally wanted (#{provider})" do
           # dirty hack for rails 4
           allow(subject).to receive(:register_last_activity_time_to_db)
 
           sorcery_model_property_set(:authentications_class, Authentication)
-          create_new_external_user(provider)
+          expect(User).to receive(:load_from_provider).with(provider, '123').and_return(user)
           get :"test_return_to_with_external_#{provider}", {}, :return_to_url => "fuu"
 
           expect(response).to redirect_to "fuu"
@@ -141,9 +185,13 @@ describe SorceryController, :active_record => true do
 
   describe "OAuth with User Activation features" do
     before(:all) do
-      ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
+      if SORCERY_ORM == :active_record
+        ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activation")
+      end
+
       sorcery_reload!([:user_activation,:external], :user_activation_mailer => ::SorceryMailer)
-      sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid])
+      sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
+
       sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
       sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
       sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
@@ -156,15 +204,22 @@ describe SorceryController, :active_record => true do
       sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
       sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
       sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
-
+      sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
+      sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+      sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
+      sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
+      sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+      sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
     end
 
     after(:all) do
-      ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
+      if SORCERY_ORM == :active_record
+        ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activation")
+      end
     end
 
     after(:each) do
-      User.delete_all
+      User.sorcery_adapter.delete_all
     end
 
     it "does not send activation email to external users" do
@@ -183,64 +238,65 @@ describe SorceryController, :active_record => true do
       expect(ActionMailer::Base.deliveries.size).to eq old_size
     end
 
-  # provider: github
-    [:github, :google, :liveid].each do |provider|
-      it "does not send activation email to external users (github)" do
+    [:github, :google, :liveid, :vk, :salesforce].each do |provider|
+      it "does not send activation email to external users (#{provider})" do
         old_size = ActionMailer::Base.deliveries.size
         create_new_external_user provider
         expect(ActionMailer::Base.deliveries.size).to eq old_size
       end
 
-      it "does not send external users an activation success email (github)" do
+      it "does not send external users an activation success email (#{provider})" do
         sorcery_model_property_set(:activation_success_email_method_name, nil)
         create_new_external_user provider
         old_size = ActionMailer::Base.deliveries.size
         @user.activate!
-
-        expect(ActionMailer::Base.deliveries.size).to eq old_size
       end
     end
   end
 
   describe "OAuth with user activation features"  do
+
+    let(:user) { double('user', id: 42) }
+
     before(:all) do
-      ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
-      ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/activity_logging")
-      User.reset_column_information
       sorcery_reload!([:activity_logging, :external])
     end
 
     after(:all) do
-      ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
-      ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activity_logging")
+      if SORCERY_ORM == :active_record
+        ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
+        ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/activity_logging")
+      end
     end
 
-    %w(facebook github google liveid).each do |provider|
+    %w(facebook github google liveid vk salesforce).each do |provider|
       context "when #{provider}" do
         before(:each) do
-          User.delete_all
-          Authentication.delete_all
           sorcery_controller_property_set(:register_login_time, true)
+          sorcery_controller_property_set(:register_logout_time, false)
+          sorcery_controller_property_set(:register_last_activity_time, false)
+          sorcery_controller_property_set(:register_last_ip_address, false)
           stub_all_oauth2_requests!
           sorcery_model_property_set(:authentications_class, Authentication)
-          create_new_external_user(provider.to_sym)
         end
 
         it "registers login time" do
           now = Time.now.in_time_zone
+          Timecop.freeze(now)
+          expect(User).to receive(:load_from_provider).and_return(user)
+          expect(user).to receive(:set_last_login_at).with(be_within(0.1).of(now))
           get "test_login_from_#{provider}".to_sym
-
-          expect(User.last.last_login_at).not_to be_nil
-          expect(User.last.last_login_at.to_s(:db)).to be >= now.to_s(:db)
-          expect(User.last.last_login_at.to_s(:db)).to be <= (now+2).to_s(:db)
+          Timecop.return
         end
 
         it "does not register login time if configured so" do
           sorcery_controller_property_set(:register_login_time, false)
           now = Time.now.in_time_zone
+          Timecop.freeze(now)
+          expect(User).to receive(:load_from_provider).and_return(user)
+          expect(user).to receive(:set_last_login_at).never
           get "test_login_from_#{provider}".to_sym
 
-          expect(User.last.last_login_at).to be_nil
         end
       end
     end
@@ -248,24 +304,17 @@ describe SorceryController, :active_record => true do
 
   describe "OAuth with session timeout features" do
     before(:all) do
-      ActiveRecord::Migrator.migrate("#{Rails.root}/db/migrate/external")
-      User.reset_column_information
       sorcery_reload!([:session_timeout, :external])
     end
 
-    after(:all) do
-      ActiveRecord::Migrator.rollback("#{Rails.root}/db/migrate/external")
-    end
+    let(:user) { double('user', id: 42) }
 
-    %w(facebook github google liveid).each do |provider|
+    %w(facebook github google liveid vk salesforce).each do |provider|
       context "when #{provider}" do
         before(:each) do
-          User.delete_all
-          Authentication.delete_all
           sorcery_model_property_set(:authentications_class, Authentication)
           sorcery_controller_property_set(:session_timeout,0.5)
           stub_all_oauth2_requests!
-          create_new_external_user(provider.to_sym)
         end
 
         after(:each) do
@@ -273,6 +322,7 @@ describe SorceryController, :active_record => true do
         end
 
         it "does not reset session before session timeout" do
+          expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
           get "test_login_from_#{provider}".to_sym
 
           expect(session[:user_id]).not_to be_nil
@@ -280,7 +330,9 @@ describe SorceryController, :active_record => true do
         end
 
         it "resets session after session timeout" do
+          expect(User).to receive(:load_from_provider).with(provider.to_sym, '123').and_return(user)
           get "test_login_from_#{provider}".to_sym
+          expect(session[:user_id]).to eq "42"
           Timecop.travel(Time.now.in_time_zone+0.6)
           get :test_should_be_logged_in
 
@@ -297,6 +349,7 @@ describe SorceryController, :active_record => true do
     response        = double(OAuth2::Response)
     allow(response).to receive(:body) { {
       "id"=>"123",
+      "user_id"=>"123", # Needed for Salesforce
       "name"=>"Noam Ben Ari",
       "first_name"=>"Noam",
       "last_name"=>"Ben Ari",
@@ -310,13 +363,24 @@ describe SorceryController, :active_record => true do
       "locale"=>"en_US",
       "languages"=>[{"id"=>"108405449189952", "name"=>"Hebrew"}, {"id"=>"106059522759137", "name"=>"English"}, {"id"=>"112624162082677", "name"=>"Russian"}],
       "verified"=>true,
-      "updated_time"=>"2011-02-16T20:59:38+0000"}.to_json }
+      "updated_time"=>"2011-02-16T20:59:38+0000",
+      # response for VK auth
+      "response"=>[
+          {
+            "uid"=>"123",
+            "first_name"=>"Noam",
+            "last_name"=>"Ben Ari"
+            }
+        ]}.to_json }
     allow(access_token).to receive(:get) { response }
+    allow(access_token).to receive(:token) { "187041a618229fdaf16613e96e1caabc1e86e46bbfad228de41520e63fe45873684c365a14417289599f3" }
+    # access_token params for VK auth
+    allow(access_token).to receive(:params) { { "user_id"=>"100500", "email"=>"nbenari@gmail.com" } }
     allow_any_instance_of(OAuth2::Strategy::AuthCode).to receive(:get_token) { access_token }
   end
 
   def set_external_property
-    sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid])
+    sorcery_controller_property_set(:external_providers, [:facebook, :github, :google, :liveid, :vk, :salesforce])
     sorcery_controller_external_property_set(:facebook, :key, "eYVNBjBDi33aa9GkA3w")
     sorcery_controller_external_property_set(:facebook, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
     sorcery_controller_external_property_set(:facebook, :callback_url, "http://blabla.com")
@@ -329,14 +393,22 @@ describe SorceryController, :active_record => true do
     sorcery_controller_external_property_set(:liveid, :key, "eYVNBjBDi33aa9GkA3w")
     sorcery_controller_external_property_set(:liveid, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
     sorcery_controller_external_property_set(:liveid, :callback_url, "http://blabla.com")
+    sorcery_controller_external_property_set(:vk, :key, "eYVNBjBDi33aa9GkA3w")
+    sorcery_controller_external_property_set(:vk, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+    sorcery_controller_external_property_set(:vk, :callback_url, "http://blabla.com")
+    sorcery_controller_external_property_set(:salesforce, :key, "eYVNBjBDi33aa9GkA3w")
+    sorcery_controller_external_property_set(:salesforce, :secret, "XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8")
+    sorcery_controller_external_property_set(:salesforce, :callback_url, "http://blabla.com")
   end
 
   def provider_url(provider)
     {
       github: "https://github.com/login/oauth/authorize?client_id=#{::Sorcery::Controller::Config.github.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=&state=",
       google: "https://accounts.google.com/o/oauth2/auth?client_id=#{::Sorcery::Controller::Config.google.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&state=",
-      liveid: "https://oauth.live.com/authorize?client_id=#{::Sorcery::Controller::Config.liveid.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=wl.basic+wl.emails+wl.offline_access&state="
+      liveid: "https://oauth.live.com/authorize?client_id=#{::Sorcery::Controller::Config.liveid.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=wl.basic+wl.emails+wl.offline_access&state=",
+      vk: "https://oauth.vk.com/authorize?client_id=#{::Sorcery::Controller::Config.vk.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.vk.scope}&state=",
+      salesforce: "https://login.salesforce.com/services/oauth2/authorize?client_id=#{::Sorcery::Controller::Config.salesforce.key}&display=&redirect_uri=http%3A%2F%2Fblabla.com&response_type=code&scope=#{::Sorcery::Controller::Config.salesforce.scope}&state="
     }[provider]
   end
-
 end
+