sorcery 0.9.1 → 0.16.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/.github/FUNDING.yml +1 -0
- data/.github/ISSUE_TEMPLATE.md +24 -0
- data/.github/PULL_REQUEST_TEMPLATE.md +7 -0
- data/.github/workflows/ruby.yml +70 -0
- data/.gitignore +3 -0
- data/.rubocop.yml +55 -0
- data/.rubocop_todo.yml +163 -0
- data/CHANGELOG.md +132 -34
- data/CODE_OF_CONDUCT.md +14 -0
- data/Gemfile +3 -17
- data/{LICENSE.txt → LICENSE.md} +1 -1
- data/MAINTAINING.md +64 -0
- data/README.md +146 -269
- data/Rakefile +4 -2
- data/SECURITY.md +19 -0
- data/gemfiles/rails_52.gemfile +7 -0
- data/gemfiles/rails_60.gemfile +7 -0
- data/gemfiles/rails_61.gemfile +7 -0
- data/gemfiles/rails_70.gemfile +7 -0
- data/lib/generators/sorcery/USAGE +1 -1
- data/lib/generators/sorcery/helpers.rb +8 -4
- data/lib/generators/sorcery/install_generator.rb +41 -35
- data/lib/generators/sorcery/templates/initializer.rb +216 -112
- data/lib/generators/sorcery/templates/migration/activity_logging.rb +7 -7
- data/lib/generators/sorcery/templates/migration/brute_force_protection.rb +5 -5
- data/lib/generators/sorcery/templates/migration/core.rb +5 -7
- data/lib/generators/sorcery/templates/migration/external.rb +4 -4
- data/lib/generators/sorcery/templates/migration/magic_login.rb +9 -0
- data/lib/generators/sorcery/templates/migration/remember_me.rb +5 -5
- data/lib/generators/sorcery/templates/migration/reset_password.rb +7 -6
- data/lib/generators/sorcery/templates/migration/user_activation.rb +6 -6
- data/lib/sorcery/adapters/active_record_adapter.rb +11 -21
- data/lib/sorcery/adapters/mongoid_adapter.rb +23 -11
- data/lib/sorcery/controller/config.rb +27 -23
- data/lib/sorcery/controller/submodules/activity_logging.rb +16 -18
- data/lib/sorcery/controller/submodules/brute_force_protection.rb +1 -2
- data/lib/sorcery/controller/submodules/external.rb +69 -44
- data/lib/sorcery/controller/submodules/http_basic_auth.rb +18 -19
- data/lib/sorcery/controller/submodules/remember_me.rb +16 -16
- data/lib/sorcery/controller/submodules/session_timeout.rb +33 -11
- data/lib/sorcery/controller.rb +50 -35
- data/lib/sorcery/crypto_providers/aes256.rb +17 -16
- data/lib/sorcery/crypto_providers/bcrypt.rb +26 -22
- data/lib/sorcery/crypto_providers/common.rb +1 -1
- data/lib/sorcery/crypto_providers/md5.rb +5 -5
- data/lib/sorcery/crypto_providers/sha1.rb +5 -5
- data/lib/sorcery/crypto_providers/sha256.rb +2 -2
- data/lib/sorcery/crypto_providers/sha512.rb +3 -3
- data/lib/sorcery/engine.rb +19 -11
- data/lib/sorcery/model/config.rb +73 -50
- data/lib/sorcery/model/submodules/activity_logging.rb +31 -12
- data/lib/sorcery/model/submodules/brute_force_protection.rb +38 -31
- data/lib/sorcery/model/submodules/external.rb +22 -10
- data/lib/sorcery/model/submodules/magic_login.rb +130 -0
- data/lib/sorcery/model/submodules/remember_me.rb +19 -7
- data/lib/sorcery/model/submodules/reset_password.rb +64 -42
- data/lib/sorcery/model/submodules/user_activation.rb +52 -54
- data/lib/sorcery/model/temporary_token.rb +30 -7
- data/lib/sorcery/model.rb +65 -40
- data/lib/sorcery/protocols/oauth.rb +4 -9
- data/lib/sorcery/protocols/oauth2.rb +0 -2
- data/lib/sorcery/providers/auth0.rb +46 -0
- data/lib/sorcery/providers/base.rb +4 -4
- data/lib/sorcery/providers/battlenet.rb +51 -0
- data/lib/sorcery/providers/discord.rb +52 -0
- data/lib/sorcery/providers/facebook.rb +8 -11
- data/lib/sorcery/providers/github.rb +5 -7
- data/lib/sorcery/providers/google.rb +3 -5
- data/lib/sorcery/providers/heroku.rb +7 -8
- data/lib/sorcery/providers/instagram.rb +73 -0
- data/lib/sorcery/providers/jira.rb +12 -17
- data/lib/sorcery/providers/line.rb +63 -0
- data/lib/sorcery/providers/linkedin.rb +44 -35
- data/lib/sorcery/providers/liveid.rb +4 -7
- data/lib/sorcery/providers/microsoft.rb +59 -0
- data/lib/sorcery/providers/paypal.rb +60 -0
- data/lib/sorcery/providers/salesforce.rb +3 -5
- data/lib/sorcery/providers/slack.rb +45 -0
- data/lib/sorcery/providers/twitter.rb +4 -6
- data/lib/sorcery/providers/vk.rb +8 -9
- data/lib/sorcery/providers/wechat.rb +81 -0
- data/lib/sorcery/providers/xing.rb +7 -10
- data/lib/sorcery/test_helpers/internal/rails.rb +25 -17
- data/lib/sorcery/test_helpers/internal.rb +15 -14
- data/lib/sorcery/test_helpers/rails/controller.rb +1 -1
- data/lib/sorcery/test_helpers/rails/integration.rb +5 -6
- data/lib/sorcery/test_helpers/rails/request.rb +20 -0
- data/lib/sorcery/version.rb +1 -1
- data/lib/sorcery.rb +4 -17
- data/sorcery.gemspec +43 -28
- data/spec/active_record/user_activation_spec.rb +4 -5
- data/spec/active_record/user_activity_logging_spec.rb +4 -6
- data/spec/active_record/user_brute_force_protection_spec.rb +5 -6
- data/spec/active_record/user_magic_login_spec.rb +15 -0
- data/spec/active_record/user_oauth_spec.rb +5 -6
- data/spec/active_record/user_remember_me_spec.rb +5 -6
- data/spec/active_record/user_reset_password_spec.rb +4 -5
- data/spec/active_record/user_spec.rb +7 -17
- data/spec/controllers/controller_activity_logging_spec.rb +13 -24
- data/spec/controllers/controller_brute_force_protection_spec.rb +8 -10
- data/spec/controllers/controller_http_basic_auth_spec.rb +20 -21
- data/spec/controllers/controller_oauth2_spec.rb +297 -158
- data/spec/controllers/controller_oauth_spec.rb +97 -71
- data/spec/controllers/controller_remember_me_spec.rb +49 -36
- data/spec/controllers/controller_session_timeout_spec.rb +106 -20
- data/spec/controllers/controller_spec.rb +87 -111
- data/spec/orm/active_record.rb +3 -3
- data/spec/providers/example_provider_spec.rb +17 -0
- data/spec/providers/example_spec.rb +17 -0
- data/spec/providers/examples_spec.rb +17 -0
- data/spec/providers/vk_spec.rb +42 -0
- data/spec/rails_app/app/active_record/authentication.rb +1 -1
- data/spec/rails_app/app/active_record/user.rb +2 -2
- data/spec/rails_app/app/assets/config/manifest.js +1 -0
- data/spec/rails_app/app/controllers/application_controller.rb +2 -0
- data/spec/rails_app/app/controllers/sorcery_controller.rb +250 -46
- data/spec/rails_app/app/mailers/sorcery_mailer.rb +23 -17
- data/spec/rails_app/app/views/sorcery_mailer/magic_login_email.html.erb +13 -0
- data/spec/rails_app/app/views/sorcery_mailer/magic_login_email.text.erb +6 -0
- data/spec/rails_app/config/application.rb +14 -9
- data/spec/rails_app/config/boot.rb +2 -2
- data/spec/rails_app/config/environment.rb +1 -1
- data/spec/rails_app/config/environments/test.rb +1 -1
- data/spec/rails_app/config/initializers/compatible_legacy_migration.rb +11 -0
- data/spec/rails_app/config/initializers/session_store.rb +3 -3
- data/spec/rails_app/config/routes.rb +31 -1
- data/spec/rails_app/config/secrets.yml +4 -0
- data/spec/rails_app/config.ru +1 -1
- data/spec/rails_app/db/migrate/activation/20101224223622_add_activation_to_users.rb +4 -4
- data/spec/rails_app/db/migrate/activity_logging/20101224223624_add_activity_logging_to_users.rb +10 -10
- data/spec/rails_app/db/migrate/brute_force_protection/20101224223626_add_brute_force_protection_to_users.rb +5 -5
- data/spec/rails_app/db/migrate/core/20101224223620_create_users.rb +5 -5
- data/spec/rails_app/db/migrate/external/20101224223628_create_authentications_and_user_providers.rb +3 -3
- data/spec/rails_app/db/migrate/invalidate_active_sessions/20180221093235_add_invalidate_active_sessions_before_to_users.rb +9 -0
- data/spec/rails_app/db/migrate/magic_login/20170924151831_add_magic_login_to_users.rb +17 -0
- data/spec/rails_app/db/migrate/remember_me/20101224223623_add_remember_me_token_to_users.rb +6 -6
- data/spec/rails_app/db/migrate/reset_password/20101224223622_add_reset_password_to_users.rb +7 -5
- data/spec/rails_app/db/schema.rb +7 -9
- data/spec/shared_examples/user_activation_shared_examples.rb +177 -58
- data/spec/shared_examples/user_activity_logging_shared_examples.rb +47 -41
- data/spec/shared_examples/user_brute_force_protection_shared_examples.rb +19 -24
- data/spec/shared_examples/user_magic_login_shared_examples.rb +150 -0
- data/spec/shared_examples/user_oauth_shared_examples.rb +7 -10
- data/spec/shared_examples/user_remember_me_shared_examples.rb +91 -22
- data/spec/shared_examples/user_reset_password_shared_examples.rb +153 -58
- data/spec/shared_examples/user_shared_examples.rb +328 -145
- data/spec/sorcery_crypto_providers_spec.rb +122 -75
- data/spec/sorcery_temporary_token_spec.rb +27 -0
- data/spec/spec.opts +1 -1
- data/spec/spec_helper.rb +19 -14
- data/spec/support/migration_helper.rb +29 -0
- data/spec/support/providers/example.rb +11 -0
- data/spec/support/providers/example_provider.rb +11 -0
- data/spec/support/providers/examples.rb +11 -0
- metadata +119 -89
- data/.travis.yml +0 -132
- data/gemfiles/active_record-rails40.gemfile +0 -7
- data/gemfiles/active_record-rails41.gemfile +0 -7
- data/gemfiles/mongo_mapper-rails40.gemfile +0 -9
- data/gemfiles/mongo_mapper-rails41.gemfile +0 -9
- data/gemfiles/mongoid-rails40.gemfile +0 -9
- data/gemfiles/mongoid-rails41.gemfile +0 -9
- data/gemfiles/mongoid3-rails32.gemfile +0 -9
- data/lib/sorcery/adapters/data_mapper_adapter.rb +0 -176
- data/lib/sorcery/adapters/mongo_mapper_adapter.rb +0 -110
- data/lib/sorcery/railties/tasks.rake +0 -6
- data/spec/data_mapper/user_activation_spec.rb +0 -10
- data/spec/data_mapper/user_activity_logging_spec.rb +0 -14
- data/spec/data_mapper/user_brute_force_protection_spec.rb +0 -9
- data/spec/data_mapper/user_oauth_spec.rb +0 -9
- data/spec/data_mapper/user_remember_me_spec.rb +0 -8
- data/spec/data_mapper/user_reset_password_spec.rb +0 -8
- data/spec/data_mapper/user_spec.rb +0 -27
- data/spec/mongo_mapper/user_activation_spec.rb +0 -9
- data/spec/mongo_mapper/user_activity_logging_spec.rb +0 -8
- data/spec/mongo_mapper/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongo_mapper/user_oauth_spec.rb +0 -8
- data/spec/mongo_mapper/user_remember_me_spec.rb +0 -8
- data/spec/mongo_mapper/user_reset_password_spec.rb +0 -8
- data/spec/mongo_mapper/user_spec.rb +0 -37
- data/spec/mongoid/user_activation_spec.rb +0 -9
- data/spec/mongoid/user_activity_logging_spec.rb +0 -8
- data/spec/mongoid/user_brute_force_protection_spec.rb +0 -8
- data/spec/mongoid/user_oauth_spec.rb +0 -8
- data/spec/mongoid/user_remember_me_spec.rb +0 -8
- data/spec/mongoid/user_reset_password_spec.rb +0 -8
- data/spec/mongoid/user_spec.rb +0 -51
- data/spec/orm/data_mapper.rb +0 -48
- data/spec/orm/mongo_mapper.rb +0 -10
- data/spec/orm/mongoid.rb +0 -22
- data/spec/rails_app/app/data_mapper/authentication.rb +0 -8
- data/spec/rails_app/app/data_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongo_mapper/authentication.rb +0 -6
- data/spec/rails_app/app/mongo_mapper/user.rb +0 -7
- data/spec/rails_app/app/mongoid/authentication.rb +0 -7
- data/spec/rails_app/app/mongoid/user.rb +0 -7
- data/spec/rails_app/config/initializers/secret_token.rb +0 -7
- data/spec/rails_app/log/development.log +0 -1791
@@ -4,12 +4,36 @@ require 'spec_helper'
|
|
4
4
|
require 'ostruct'
|
5
5
|
|
6
6
|
def stub_all_oauth_requests!
|
7
|
-
consumer = OAuth::Consumer.new(
|
7
|
+
consumer = OAuth::Consumer.new('key', 'secret', site: 'http://myapi.com')
|
8
8
|
req_token = OAuth::RequestToken.new(consumer)
|
9
9
|
acc_token = OAuth::AccessToken.new(consumer)
|
10
10
|
|
11
|
-
response = OpenStruct.new
|
12
|
-
response.body = {
|
11
|
+
response = OpenStruct.new
|
12
|
+
response.body = {
|
13
|
+
'following' => false, 'listed_count' => 0, 'profile_link_color' => '0084B4',
|
14
|
+
'profile_image_url' => 'http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg',
|
15
|
+
'description' => 'Programmer/Heavy Metal Fan/New Father',
|
16
|
+
'status' => {
|
17
|
+
'text' => 'coming soon to sorcery gem: twitter and facebook authentication support.',
|
18
|
+
'truncated' => false, 'favorited' => false, 'source' => 'web', 'geo' => nil,
|
19
|
+
'in_reply_to_screen_name' => nil, 'in_reply_to_user_id' => nil,
|
20
|
+
'in_reply_to_status_id_str' => nil, 'created_at' => 'Sun Mar 06 23:01:12 +0000 2011',
|
21
|
+
'contributors' => nil, 'place' => nil, 'retweeted' => false, 'in_reply_to_status_id' => nil,
|
22
|
+
'in_reply_to_user_id_str' => nil, 'coordinates' => nil, 'retweet_count' => 0,
|
23
|
+
'id' => 44_533_012_284_706_816, 'id_str' => '44533012284706816'
|
24
|
+
},
|
25
|
+
'show_all_inline_media' => false, 'geo_enabled' => true,
|
26
|
+
'profile_sidebar_border_color' => 'a8c7f7', 'url' => nil, 'followers_count' => 10,
|
27
|
+
'screen_name' => 'nbenari', 'profile_use_background_image' => true, 'location' => 'Israel',
|
28
|
+
'statuses_count' => 25, 'profile_background_color' => '022330', 'lang' => 'en',
|
29
|
+
'verified' => false, 'notifications' => false,
|
30
|
+
'profile_background_image_url' => 'http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg',
|
31
|
+
'favourites_count' => 5, 'created_at' => 'Fri Nov 20 21:58:19 +0000 2009',
|
32
|
+
'is_translator' => false, 'contributors_enabled' => false, 'protected' => false,
|
33
|
+
'follow_request_sent' => false, 'time_zone' => 'Greenland', 'profile_text_color' => '333333',
|
34
|
+
'name' => 'Noam Ben Ari', 'friends_count' => 10, 'profile_sidebar_fill_color' => 'C0DFEC',
|
35
|
+
'id' => 123, 'id_str' => '91434812', 'profile_background_tile' => false, 'utc_offset' => -10_800
|
36
|
+
}.to_json
|
13
37
|
|
14
38
|
session[:request_token] = req_token.token
|
15
39
|
session[:request_token_secret] = req_token.secret
|
@@ -21,83 +45,86 @@ def stub_all_oauth_requests!
|
|
21
45
|
allow(acc_token).to receive(:get) { response }
|
22
46
|
end
|
23
47
|
|
24
|
-
describe SorceryController do
|
25
|
-
|
48
|
+
describe SorceryController, type: :controller do
|
26
49
|
let(:user) { double('user', id: 42) }
|
27
50
|
|
28
51
|
before(:all) do
|
29
52
|
sorcery_reload!([:external])
|
30
|
-
sorcery_controller_property_set(:external_providers, [
|
31
|
-
sorcery_controller_external_property_set(:twitter, :key,
|
32
|
-
sorcery_controller_external_property_set(:twitter, :secret,
|
33
|
-
sorcery_controller_external_property_set(:twitter, :callback_url,
|
34
|
-
|
35
|
-
sorcery_controller_external_property_set(:jira, :key,
|
36
|
-
sorcery_controller_external_property_set(:jira, :secret,
|
37
|
-
sorcery_controller_external_property_set(:jira, :site,
|
38
|
-
sorcery_controller_external_property_set(:jira, :signature_method,
|
39
|
-
sorcery_controller_external_property_set(:jira, :private_key_file,
|
40
|
-
sorcery_controller_external_property_set(:jira, :callback_url,
|
53
|
+
sorcery_controller_property_set(:external_providers, %i[twitter jira])
|
54
|
+
sorcery_controller_external_property_set(:twitter, :key, 'eYVNBjBDi33aa9GkA3w')
|
55
|
+
sorcery_controller_external_property_set(:twitter, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
|
56
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
|
57
|
+
|
58
|
+
sorcery_controller_external_property_set(:jira, :key, '7810b8e317ebdc81601c72f8daecc0f1')
|
59
|
+
sorcery_controller_external_property_set(:jira, :secret, 'MyAppUsingJira')
|
60
|
+
sorcery_controller_external_property_set(:jira, :site, 'http://jira.mycompany.com/plugins/servlet/oauth')
|
61
|
+
sorcery_controller_external_property_set(:jira, :signature_method, 'RSA-SHA1')
|
62
|
+
sorcery_controller_external_property_set(:jira, :private_key_file, 'myrsakey.pem')
|
63
|
+
sorcery_controller_external_property_set(:jira, :callback_url, 'http://myappusingjira.com/home')
|
41
64
|
end
|
42
65
|
|
43
66
|
# ----------------- OAuth -----------------------
|
44
67
|
describe SorceryController, "'using external API to login'" do
|
45
|
-
|
46
68
|
before(:each) do
|
47
69
|
stub_all_oauth_requests!
|
48
70
|
end
|
49
71
|
|
50
|
-
context
|
72
|
+
context 'when callback_url begin with /' do
|
51
73
|
before do
|
52
|
-
sorcery_controller_external_property_set(:twitter, :callback_url,
|
74
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, '/oauth/twitter/callback')
|
53
75
|
end
|
54
|
-
it
|
76
|
+
it 'login_at redirects correctly' do
|
55
77
|
get :login_at_test
|
56
78
|
expect(response).to be_a_redirect
|
57
|
-
expect(response).to redirect_to(
|
79
|
+
expect(response).to redirect_to('http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=')
|
58
80
|
end
|
59
81
|
after do
|
60
|
-
sorcery_controller_external_property_set(:twitter, :callback_url,
|
82
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
|
61
83
|
end
|
62
84
|
end
|
63
85
|
|
64
|
-
context
|
65
|
-
|
86
|
+
context 'when callback_url begin with http://' do
|
87
|
+
before do
|
88
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, '/oauth/twitter/callback')
|
89
|
+
end
|
90
|
+
it 'login_at redirects correctly', pending: true do
|
66
91
|
get :login_at_test
|
67
92
|
expect(response).to be_a_redirect
|
68
|
-
expect(response).to redirect_to(
|
93
|
+
expect(response).to redirect_to('http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com&oauth_token=')
|
94
|
+
end
|
95
|
+
after do
|
96
|
+
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
|
69
97
|
end
|
70
98
|
end
|
71
99
|
|
72
|
-
it
|
100
|
+
it 'logins if user exists' do
|
73
101
|
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
|
74
102
|
|
75
|
-
get :test_login_from, :oauth_verifier
|
76
|
-
expect(flash[:notice]).to eq
|
103
|
+
get :test_login_from, params: { oauth_verifier: 'blablaRERASDFcxvSDFA' }
|
104
|
+
expect(flash[:notice]).to eq 'Success!'
|
77
105
|
end
|
78
106
|
|
79
107
|
it "'login_from' fails if user doesn't exist" do
|
80
108
|
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(nil)
|
81
109
|
|
82
|
-
get :test_login_from, :oauth_verifier
|
83
|
-
expect(flash[:alert]).to eq
|
110
|
+
get :test_login_from, params: { oauth_verifier: 'blablaRERASDFcxvSDFA' }
|
111
|
+
expect(flash[:alert]).to eq 'Failed!'
|
84
112
|
end
|
85
113
|
|
86
114
|
it "on successful 'login_from' the user is redirected to the url he originally wanted" do
|
87
115
|
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
|
88
|
-
get :test_return_to_with_external, {}, :return_to_url
|
89
|
-
expect(response).to redirect_to(
|
90
|
-
expect(flash[:notice]).to eq
|
116
|
+
get :test_return_to_with_external, params: {}, session: { return_to_url: 'fuu' }
|
117
|
+
expect(response).to redirect_to('fuu')
|
118
|
+
expect(flash[:notice]).to eq 'Success!'
|
91
119
|
end
|
92
120
|
|
93
|
-
context
|
94
|
-
it
|
121
|
+
context 'when jira' do
|
122
|
+
it 'user logins successfully' do
|
95
123
|
get :login_at_test_jira
|
96
124
|
expect(session[:request_token]).not_to be_nil
|
97
125
|
expect(response).to be_a_redirect
|
98
126
|
end
|
99
127
|
end
|
100
|
-
|
101
128
|
end
|
102
129
|
|
103
130
|
describe SorceryController do
|
@@ -106,31 +133,31 @@ describe SorceryController do
|
|
106
133
|
stub_all_oauth_requests!
|
107
134
|
end
|
108
135
|
|
109
|
-
it
|
110
|
-
sorcery_controller_external_property_set(:twitter, :user_info_mapping,
|
136
|
+
it 'creates a new user' do
|
137
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, username: 'screen_name')
|
111
138
|
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
112
|
-
expect(User).to receive(:create_from_provider).with('twitter', '123',
|
139
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', username: 'nbenari').and_return(user)
|
113
140
|
|
114
|
-
get :test_create_from_provider, :provider
|
141
|
+
get :test_create_from_provider, params: { provider: 'twitter' }
|
115
142
|
end
|
116
143
|
|
117
|
-
it
|
118
|
-
sorcery_controller_external_property_set(:twitter, :user_info_mapping,
|
144
|
+
it 'supports nested attributes' do
|
145
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, username: 'status/text')
|
119
146
|
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
120
|
-
expect(User).to receive(:create_from_provider).with('twitter', '123',
|
147
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', username: 'coming soon to sorcery gem: twitter and facebook authentication support.').and_return(user)
|
121
148
|
|
122
|
-
get :test_create_from_provider, :provider
|
149
|
+
get :test_create_from_provider, params: { provider: 'twitter' }
|
123
150
|
end
|
124
151
|
|
125
|
-
it
|
126
|
-
sorcery_controller_external_property_set(:twitter, :user_info_mapping,
|
152
|
+
it 'does not crash on missing nested attributes' do
|
153
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, username: 'status/text', created_at: 'does/not/exist')
|
127
154
|
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
128
|
-
expect(User).to receive(:create_from_provider).with('twitter', '123',
|
155
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', username: 'coming soon to sorcery gem: twitter and facebook authentication support.').and_return(user)
|
129
156
|
|
130
|
-
get :test_create_from_provider, :provider
|
157
|
+
get :test_create_from_provider, params: { provider: 'twitter' }
|
131
158
|
end
|
132
159
|
|
133
|
-
it
|
160
|
+
it 'binds new provider' do
|
134
161
|
sorcery_model_property_set(:authentications_class, UserProvider)
|
135
162
|
|
136
163
|
allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
|
@@ -138,31 +165,30 @@ describe SorceryController do
|
|
138
165
|
login_user(user)
|
139
166
|
|
140
167
|
expect(user).to receive(:add_provider_to_user).with('twitter', '123')
|
141
|
-
get :test_add_second_provider, :provider
|
168
|
+
get :test_add_second_provider, params: { provider: 'twitter' }
|
142
169
|
end
|
143
170
|
|
144
|
-
describe
|
145
|
-
it
|
171
|
+
describe 'with a block' do
|
172
|
+
it 'does not create user' do
|
146
173
|
sorcery_model_property_set(:authentications_class, Authentication)
|
147
|
-
sorcery_controller_external_property_set(:twitter, :user_info_mapping,
|
174
|
+
sorcery_controller_external_property_set(:twitter, :user_info_mapping, username: 'screen_name')
|
148
175
|
|
149
176
|
u = double('user')
|
150
177
|
expect(User).to receive(:load_from_provider).with('twitter', '123').and_return(nil)
|
151
|
-
expect(User).to receive(:create_from_provider).with('twitter', '123',
|
178
|
+
expect(User).to receive(:create_from_provider).with('twitter', '123', username: 'nbenari').and_return(u).and_yield(u)
|
152
179
|
|
153
|
-
get :test_create_from_provider_with_block, :provider
|
180
|
+
get :test_create_from_provider_with_block, params: { provider: 'twitter' }
|
154
181
|
end
|
155
|
-
|
156
182
|
end
|
157
183
|
end
|
158
184
|
end
|
159
185
|
|
160
|
-
describe SorceryController,
|
186
|
+
describe SorceryController, 'OAuth with user activation features' do
|
161
187
|
before(:all) do
|
162
|
-
sorcery_reload!([
|
188
|
+
sorcery_reload!(%i[activity_logging external])
|
163
189
|
end
|
164
190
|
|
165
|
-
context
|
191
|
+
context 'when twitter' do
|
166
192
|
before(:each) do
|
167
193
|
sorcery_controller_property_set(:register_login_time, true)
|
168
194
|
sorcery_controller_property_set(:register_logout_time, false)
|
@@ -171,7 +197,7 @@ describe SorceryController do
|
|
171
197
|
stub_all_oauth_requests!
|
172
198
|
end
|
173
199
|
|
174
|
-
it
|
200
|
+
it 'registers login time' do
|
175
201
|
now = Time.now.in_time_zone
|
176
202
|
Timecop.freeze(now)
|
177
203
|
expect(User).to receive(:load_from_provider).and_return(user)
|
@@ -180,7 +206,7 @@ describe SorceryController do
|
|
180
206
|
Timecop.return
|
181
207
|
end
|
182
208
|
|
183
|
-
it
|
209
|
+
it 'does not register login time if configured so' do
|
184
210
|
sorcery_controller_property_set(:register_login_time, false)
|
185
211
|
now = Time.now.in_time_zone
|
186
212
|
Timecop.freeze(now)
|
@@ -192,26 +218,26 @@ describe SorceryController do
|
|
192
218
|
end
|
193
219
|
end
|
194
220
|
|
195
|
-
describe SorceryController,
|
221
|
+
describe SorceryController, 'OAuth with session timeout features' do
|
196
222
|
before(:all) do
|
197
223
|
if SORCERY_ORM == :active_record
|
198
|
-
|
224
|
+
MigrationHelper.migrate("#{Rails.root}/db/migrate/external")
|
199
225
|
User.reset_column_information
|
200
226
|
end
|
201
227
|
|
202
|
-
sorcery_reload!([
|
228
|
+
sorcery_reload!(%i[session_timeout external])
|
203
229
|
end
|
204
230
|
|
205
231
|
after(:all) do
|
206
232
|
if SORCERY_ORM == :active_record
|
207
|
-
|
233
|
+
MigrationHelper.rollback("#{Rails.root}/db/migrate/external")
|
208
234
|
end
|
209
235
|
end
|
210
236
|
|
211
|
-
context
|
237
|
+
context 'when twitter' do
|
212
238
|
before(:each) do
|
213
239
|
sorcery_model_property_set(:authentications_class, Authentication)
|
214
|
-
sorcery_controller_property_set(:session_timeout,0.5)
|
240
|
+
sorcery_controller_property_set(:session_timeout, 0.5)
|
215
241
|
stub_all_oauth_requests!
|
216
242
|
end
|
217
243
|
|
@@ -219,17 +245,17 @@ describe SorceryController do
|
|
219
245
|
Timecop.return
|
220
246
|
end
|
221
247
|
|
222
|
-
it
|
248
|
+
it 'does not reset session before session timeout' do
|
223
249
|
expect(User).to receive(:load_from_provider).with(:twitter, '123').and_return(user)
|
224
250
|
get :test_login_from
|
225
251
|
|
226
252
|
expect(session[:user_id]).not_to be_nil
|
227
|
-
expect(flash[:notice]).to eq
|
253
|
+
expect(flash[:notice]).to eq 'Success!'
|
228
254
|
end
|
229
255
|
|
230
|
-
it
|
256
|
+
it 'resets session after session timeout' do
|
231
257
|
get :test_login_from
|
232
|
-
Timecop.travel(Time.now.in_time_zone+0.6)
|
258
|
+
Timecop.travel(Time.now.in_time_zone + 0.6)
|
233
259
|
get :test_should_be_logged_in
|
234
260
|
|
235
261
|
expect(session[:user_id]).to be_nil
|
@@ -1,19 +1,23 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
|
3
|
-
describe SorceryController do
|
4
|
-
|
3
|
+
describe SorceryController, type: :controller do
|
5
4
|
let!(:user) { double('user', id: 42) }
|
6
5
|
|
7
6
|
# ----------------- REMEMBER ME -----------------------
|
8
|
-
context
|
9
|
-
|
7
|
+
context 'with remember me features' do
|
10
8
|
before(:all) do
|
9
|
+
if SORCERY_ORM == :active_record
|
10
|
+
MigrationHelper.migrate("#{Rails.root}/db/migrate/remember_me")
|
11
|
+
User.reset_column_information
|
12
|
+
end
|
13
|
+
|
11
14
|
sorcery_reload!([:remember_me])
|
12
15
|
end
|
13
16
|
|
14
|
-
after(:
|
15
|
-
|
16
|
-
|
17
|
+
after(:all) do
|
18
|
+
if SORCERY_ORM == :active_record
|
19
|
+
MigrationHelper.rollback("#{Rails.root}/db/migrate/remember_me")
|
20
|
+
end
|
17
21
|
end
|
18
22
|
|
19
23
|
before(:each) do
|
@@ -23,46 +27,53 @@ describe SorceryController do
|
|
23
27
|
allow(user).to receive_message_chain(:sorcery_config, :remember_me_token_expires_at_attribute_name).and_return(:remember_me_token_expires_at)
|
24
28
|
end
|
25
29
|
|
26
|
-
it
|
27
|
-
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret').
|
30
|
+
it 'sets cookie on remember_me!' do
|
31
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret') { |&block| block.call(user, nil) }
|
28
32
|
expect(user).to receive(:remember_me!)
|
29
33
|
|
30
|
-
post :test_login_with_remember, :email
|
34
|
+
post :test_login_with_remember, params: { email: 'bla@bla.com', password: 'secret' }
|
31
35
|
|
32
|
-
expect(cookies.signed[
|
36
|
+
expect(cookies.signed['remember_me_token']).to eq assigns[:current_user].remember_me_token
|
33
37
|
end
|
34
38
|
|
35
|
-
it
|
36
|
-
cookies[
|
37
|
-
get :
|
39
|
+
it 'clears cookie on forget_me!' do
|
40
|
+
request.cookies[:remember_me_token] = { value: 'asd54234dsfsd43534', expires: 3600 }
|
41
|
+
get :test_logout_with_forget_me
|
38
42
|
|
39
|
-
expect(cookies[
|
43
|
+
expect(response.cookies[:remember_me_token]).to be_nil
|
40
44
|
end
|
41
45
|
|
42
|
-
it
|
43
|
-
|
46
|
+
it 'clears cookie on force_forget_me!' do
|
47
|
+
request.cookies[:remember_me_token] = { value: 'asd54234dsfsd43534', expires: 3600 }
|
48
|
+
get :test_logout_with_force_forget_me
|
49
|
+
|
50
|
+
expect(response.cookies[:remember_me_token]).to be_nil
|
51
|
+
end
|
52
|
+
|
53
|
+
it 'login(email,password,remember_me) logs user in and remembers' do
|
54
|
+
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret', '1') { |&block| block.call(user, nil) }
|
44
55
|
expect(user).to receive(:remember_me!)
|
45
56
|
expect(user).to receive(:remember_me_token).and_return('abracadabra').twice
|
46
57
|
|
47
|
-
post :test_login_with_remember_in_login, :email
|
58
|
+
post :test_login_with_remember_in_login, params: { email: 'bla@bla.com', password: 'secret', remember: '1' }
|
48
59
|
|
49
|
-
expect(cookies.signed[
|
50
|
-
expect(cookies.signed[
|
60
|
+
expect(cookies.signed['remember_me_token']).not_to be_nil
|
61
|
+
expect(cookies.signed['remember_me_token']).to eq assigns[:user].remember_me_token
|
51
62
|
end
|
52
63
|
|
53
|
-
it
|
64
|
+
it 'logout also calls forget_me!' do
|
54
65
|
session[:user_id] = user.id.to_s
|
55
|
-
|
66
|
+
expect(User.sorcery_adapter).to receive(:find_by_id).with(user.id.to_s).and_return(user)
|
56
67
|
expect(user).to receive(:remember_me!)
|
57
68
|
expect(user).to receive(:forget_me!)
|
58
69
|
get :test_logout_with_remember
|
59
70
|
|
60
|
-
expect(cookies[
|
71
|
+
expect(cookies['remember_me_token']).to be_nil
|
61
72
|
end
|
62
73
|
|
63
|
-
it
|
64
|
-
|
65
|
-
|
74
|
+
it 'logs user in from cookie' do
|
75
|
+
session[:user_id] = user.id.to_s
|
76
|
+
expect(User.sorcery_adapter).to receive(:find_by_id).with(user.id.to_s).and_return(user)
|
66
77
|
expect(user).to receive(:remember_me!)
|
67
78
|
expect(user).to receive(:remember_me_token).and_return('token').twice
|
68
79
|
expect(user).to receive(:has_remember_me_token?) { true }
|
@@ -75,35 +86,37 @@ describe SorceryController do
|
|
75
86
|
|
76
87
|
expect(User.sorcery_adapter).to receive(:find_by_remember_me_token).with('token').and_return(user)
|
77
88
|
|
89
|
+
expect(subject).to receive(:after_remember_me!).with(user)
|
90
|
+
|
78
91
|
get :test_login_from_cookie
|
79
92
|
|
80
93
|
expect(assigns[:current_user]).to eq user
|
81
94
|
end
|
82
95
|
|
83
|
-
it
|
84
|
-
post :test_login_with_remember_in_login, :email
|
96
|
+
it 'doest not remember_me! when not asked to, even if third parameter is used' do
|
97
|
+
post :test_login_with_remember_in_login, params: { email: 'bla@bla.com', password: 'secret', remember: '0' }
|
85
98
|
|
86
|
-
expect(cookies[
|
99
|
+
expect(cookies['remember_me_token']).to be_nil
|
87
100
|
end
|
88
101
|
|
89
|
-
it
|
90
|
-
post :test_login, :email
|
91
|
-
expect(cookies[
|
102
|
+
it 'doest not remember_me! when not asked to' do
|
103
|
+
post :test_login, params: { email: 'bla@bla.com', password: 'secret' }
|
104
|
+
expect(cookies['remember_me_token']).to be_nil
|
92
105
|
end
|
93
106
|
|
94
107
|
# --- login_user(user) ---
|
95
108
|
specify { expect(@controller).to respond_to :auto_login }
|
96
109
|
|
97
|
-
it
|
110
|
+
it 'auto_login(user) logs in an user instance without remembering' do
|
98
111
|
session[:user_id] = nil
|
99
112
|
subject.auto_login(user)
|
100
113
|
get :test_login_from_cookie
|
101
114
|
|
102
115
|
expect(assigns[:current_user]).to eq user
|
103
|
-
expect(cookies[
|
116
|
+
expect(cookies['remember_me_token']).to be_nil
|
104
117
|
end
|
105
118
|
|
106
|
-
it
|
119
|
+
it 'auto_login(user, true) logs in an user instance with remembering' do
|
107
120
|
session[:user_id] = nil
|
108
121
|
expect(user).to receive(:remember_me!)
|
109
122
|
subject.auto_login(user, true)
|
@@ -111,7 +124,7 @@ describe SorceryController do
|
|
111
124
|
get :test_login_from_cookie
|
112
125
|
|
113
126
|
expect(assigns[:current_user]).to eq user
|
114
|
-
expect(cookies[
|
127
|
+
expect(cookies['remember_me_token']).not_to be_nil
|
115
128
|
end
|
116
129
|
end
|
117
130
|
end
|