stn-simple_token_authentication 1.7.1

data/spec/lib/simple_token_authentication/configuration_spec.rb

@@ -0,0 +1,133 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::Configuration do
+
+
+  context 'when included in any class' do
+
+    before(:each) do
+      SimpleTokenAuthentication.const_set(:ConfigurableClass, Class.new)
+      klass = SimpleTokenAuthentication::ConfigurableClass
+      klass.send :include, SimpleTokenAuthentication::Configuration
+      @subject = klass.new
+    end
+
+    after(:each) do
+      SimpleTokenAuthentication.send(:remove_const, :ConfigurableClass)
+    end
+
+    describe 'provides #controller_adapters which' do
+
+      it_behaves_like 'a configuration option', 'controller_adapters'
+
+      it "defauts to ['rails', 'rails_api']", private: true do
+        expect(@subject.controller_adapters).to eq ['rails', 'rails_api']
+      end
+    end
+
+    describe 'provides #model_adapters which' do
+
+      it_behaves_like 'a configuration option', 'model_adapters'
+
+      it "defauts to ['active_record', 'mongoid']", private: true do
+        expect(@subject.model_adapters).to eq ['active_record', 'mongoid']
+      end
+    end
+
+    describe 'provides #adapters_dependencies which' do
+
+      it_behaves_like 'a configuration option', 'adapters_dependencies'
+
+      it 'lists the supported adapters dependencies by default', private: true do
+        expect(@subject.adapters_dependencies['active_record']).to eq 'ActiveRecord::Base'
+        expect(@subject.adapters_dependencies['mongoid']).to eq 'Mongoid::Document'
+        expect(@subject.adapters_dependencies['rails']).to eq 'ActionController::Base'
+        expect(@subject.adapters_dependencies['rails_api']).to eq 'ActionController::API'
+      end
+    end
+
+    describe 'provides #header_names which', header_names_option: true do
+
+      it_behaves_like 'a configuration option', 'header_names'
+
+      it 'defauts to {}', public: true  do
+        expect(@subject.header_names).to eq({})
+      end
+    end
+
+    describe 'provides #sign_in_token which', sign_in_token_option: true do
+
+      it_behaves_like 'a configuration option', 'sign_in_token'
+
+      it 'defauts to false', public: true do
+        expect(@subject.sign_in_token).to eq false
+      end
+    end
+
+    describe 'does provide #fallback which', fallback_option: true do
+
+      it 'is readable', private: true do
+        expect(@subject).to respond_to :fallback
+      end
+
+      it 'can\'t be written', private: true do
+        expect(@subject).not_to respond_to :fallback=
+      end
+
+      it 'defaults to :devise', private: true do
+        expect(@subject.fallback).to eq :devise
+      end
+    end
+
+    describe 'provides #parse_options which' do
+
+      describe 'replaces :fallback_to_devise by :fallback' do
+
+        context 'when :fallback option is set' do
+
+          it 'removes :fallback_to_devise', private: true do
+            options = { fallback: 'anything', fallback_to_devise: true }
+            expect(@subject.parse_options(options)).to eq({ fallback: 'anything' })
+          end
+        end
+
+        context 'when :fallback option is omitted' do
+          context 'and :fallback_to_devise is true' do
+
+            it 'replaces it by fallback: :devise', private: true do
+              options = { fallback_to_devise: true }
+              expect(@subject.parse_options(options)).to eq({ fallback: :devise })
+            end
+          end
+
+          context 'and :fallback_to_devise is false' do
+
+            context 'when :fallback default is :devise' do
+              it 'replaces :fallback_to_devise by fallback: :none', private: true do
+                allow(SimpleTokenAuthentication).to receive(:fallback).and_return(:devise)
+                options = { fallback_to_devise: false }
+                expect(@subject.parse_options(options)).to eq({ fallback: :none })
+              end
+            end
+
+            context 'when :fallback default is not :devise' do
+              it 'replaces :fallback_to_devise by :fallback default', private: true do
+                allow(SimpleTokenAuthentication).to receive(:fallback).and_return('anything_but_devise')
+                options = { fallback_to_devise: false }
+                expect(@subject.parse_options(options)).to eq({ fallback: 'anything_but_devise' })
+              end
+            end
+          end
+
+          context 'and :fallback_to_devise is omitted' do
+            it 'sets :fallback to its default value', private: true do
+              allow(SimpleTokenAuthentication).to receive(:fallback).and_return('any_value')
+              options = {}
+              expect(@subject.parse_options(options)).to eq({ fallback: 'any_value' })
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/spec/lib/simple_token_authentication/entities_manager_spec.rb

@@ -0,0 +1,67 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::EntitiesManager do
+
+  # The 'model' argument is quite vague, as it is for Entity;
+  # let's do nothing to solve that undefinition for now.
+
+  it_behaves_like 'an entities manager'
+
+  describe '#find_or_create_entity' do
+
+    before(:each) do
+      entity = double()
+      allow(entity).to receive(:new).and_return('an Entity instance')
+      stub_const('SimpleTokenAuthentication::Entity', entity)
+
+      super_user = double()
+      allow(super_user).to receive(:name) # any Ruby class has a name
+      stub_const('SuperUser', super_user)
+    end
+
+    context 'when a model is provided for the first time' do
+
+      it 'creates an Entity instance for the model', private: true do
+        expect(SimpleTokenAuthentication::Entity).to receive(:new).with(SuperUser)
+        expect(subject.find_or_create_entity(SuperUser)).to eq 'an Entity instance'
+      end
+
+      context 'even if Entity instances for other models exist', private: true do
+
+        before(:each) do
+          # define another model
+          admin = double()
+          allow(admin).to receive(:name).and_return('Admin')
+          stub_const('Admin', admin)
+          # ensure its Entity instance exists
+          subject.find_or_create_entity(Admin)
+          allow(SimpleTokenAuthentication::Entity).to receive(:new).and_return('some new Entity instance')
+        end
+
+        it 'creates an Entity instance for the model', private: true do
+          expect(SimpleTokenAuthentication::Entity).to receive(:new).with(SuperUser)
+          expect(subject.find_or_create_entity(SuperUser)).to eq 'some new Entity instance'
+        end
+      end
+    end
+
+    context 'when an Entity instance for that model already exists' do
+
+      before(:each) do
+        allow(SuperUser).to receive(:name).and_return('SuperUser')
+        subject.find_or_create_entity(SuperUser)
+
+        allow(SimpleTokenAuthentication::Entity).to receive(:new).and_return('some new Entity instance')
+      end
+
+      it 'returns that Entity instance', private: true do
+        expect(subject.find_or_create_entity(SuperUser)).to eq 'an Entity instance'
+      end
+
+      it 'does not create a new Entity instance', private: true do
+        expect(SimpleTokenAuthentication::Entity).not_to receive(:new).with(SuperUser)
+        subject.find_or_create_entity(SuperUser)
+      end
+    end
+  end
+end

data/spec/lib/simple_token_authentication/entity_spec.rb

@@ -0,0 +1,190 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::Entity do
+
+  before(:each) do
+    user = double()
+    allow(user).to receive(:name).and_return('SuperUser')
+    stub_const('SuperUser', user)
+
+    @subject = SimpleTokenAuthentication::Entity.new(SuperUser)
+  end
+
+  it 'responds to :model', protected: true do
+    expect(@subject).to respond_to :model
+  end
+
+  it 'responds to :name', protected: true do
+    expect(@subject).to respond_to :name
+  end
+
+  it 'responds to :name_underscore', protected: true do
+    expect(@subject).to respond_to :name_underscore
+  end
+
+  it 'responds to :token_header_name', protected: true do
+    expect(@subject).to respond_to :token_header_name
+  end
+
+  it 'responds to :identifier_header_name', protected: true do
+    expect(@subject).to respond_to :identifier_header_name
+  end
+
+  it 'responds to :token_param_name', protected: true do
+    expect(@subject).to respond_to :token_param_name
+  end
+
+  it 'responds to :identifier_param_name', protected: true do
+    expect(@subject).to respond_to :identifier_param_name
+  end
+
+  it 'responds to :get_token_from_params_or_headers', protected: true do
+    expect(@subject).to respond_to :get_token_from_params_or_headers
+  end
+
+  it 'responds to :get_identifier_from_params_or_headers', protected: true do
+    expect(@subject).to respond_to :get_identifier_from_params_or_headers
+  end
+
+  describe '#model' do
+    it 'is a constant', protected: true do
+      expect(@subject.model).to eq SuperUser
+    end
+  end
+
+  describe '#name' do
+    it 'is a camelized String', protected: true do
+      expect(@subject.name).to be_instance_of String
+      expect(@subject.name).to eq @subject.name.camelize
+    end
+  end
+
+  describe '#name_underscore', protected: true do
+    it 'is an underscored String' do
+      expect(@subject.name_underscore).to be_instance_of String
+      expect(@subject.name_underscore).to eq @subject.name_underscore.underscore
+    end
+  end
+
+  describe '#token_header_name', protected: true do
+    it 'is a String' do
+      expect(@subject.token_header_name).to be_instance_of String
+    end
+
+    it 'defines a non-standard header field' do
+      expect(@subject.token_header_name[0..1]).to eq 'X-'
+    end
+  end
+
+  describe '#identifier_header_name', protected: true do
+    it 'is a String' do
+      expect(@subject.identifier_header_name).to be_instance_of String
+    end
+
+    it 'defines a non-standard header field' do
+      expect(@subject.identifier_header_name[0..1]).to eq 'X-'
+    end
+  end
+
+  describe '#token_param_name', protected: true do
+    it 'is a Symbol' do
+      expect(@subject.token_param_name).to be_instance_of Symbol
+    end
+  end
+
+  describe '#identifier_param_name', protected: true do
+    it 'is a Symbol' do
+      expect(@subject.identifier_param_name).to be_instance_of Symbol
+    end
+  end
+
+  describe '#get_token_from_params_or_headers', protected: true do
+
+    context 'when a token is present in params' do
+
+      before(:each) do
+        @controller = double()
+        allow(@controller).to receive(:params).and_return({ super_user_token: 'The_ToKeN' })
+      end
+
+      it 'returns that token (String)' do
+        expect(@subject.get_token_from_params_or_headers(@controller)).to be_instance_of String
+        expect(@subject.get_token_from_params_or_headers(@controller)).to eq 'The_ToKeN'
+      end
+
+      context 'and another token is present in the headers' do
+
+        before(:each) do
+          allow(@controller).to receive_message_chain(:request, :headers)
+                     .and_return({ 'X-SuperUser-Token' => 'HeAd3rs_ToKeN' })
+        end
+
+        it 'returns the params token' do
+          expect(@subject.get_token_from_params_or_headers(@controller)).to eq 'The_ToKeN'
+        end
+      end
+    end
+
+    context 'when no token is present in params' do
+
+      context 'and a token is present in the headers' do
+
+        before(:each) do
+          @controller = double()
+          allow(@controller).to receive(:params).and_return({ super_user_token: '' })
+          allow(@controller).to receive_message_chain(:request, :headers)
+                     .and_return({ 'X-SuperUser-Token' => 'HeAd3rs_ToKeN' })
+        end
+
+        it 'returns the headers token' do
+          expect(@subject.get_token_from_params_or_headers(@controller)).to eq 'HeAd3rs_ToKeN'
+        end
+      end
+    end
+  end
+
+  describe '#get_identifier_from_params_or_headers', protected: true do
+
+    context 'when an identifier is present in params' do
+
+      before(:each) do
+        @controller = double()
+        allow(@controller).to receive(:params).and_return({ super_user_email: 'alice@example.com' })
+      end
+
+      it 'returns that identifier (String)' do
+        expect(@subject.get_identifier_from_params_or_headers(@controller)).to be_instance_of String
+        expect(@subject.get_identifier_from_params_or_headers(@controller)).to eq 'alice@example.com'
+      end
+
+      context 'and another identifier is present in the headers' do
+
+        before(:each) do
+          allow(@controller).to receive_message_chain(:request, :headers)
+                     .and_return({ 'X-SuperUser-Email' => 'bob@example.com' })
+        end
+
+        it 'returns the params identifier' do
+          expect(@subject.get_identifier_from_params_or_headers(@controller)).to eq 'alice@example.com'
+        end
+      end
+    end
+
+    context 'when no identifier is present in params' do
+
+      context 'and an identifier is present in the headers' do
+
+        before(:each) do
+          @controller = double()
+          allow(@controller).to receive(:params).and_return({ super_user_email: '' })
+          allow(@controller).to receive_message_chain(:request, :headers)
+                     .and_return({ 'X-SuperUser-Email' => 'bob@example.com' })
+        end
+
+        it 'returns the headers identifier' do
+          expect(@subject.get_identifier_from_params_or_headers(@controller)).to eq 'bob@example.com'
+        end
+      end
+    end
+  end
+end

data/spec/lib/simple_token_authentication/errors_spec.rb

@@ -0,0 +1,8 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::NoAdapterAvailableError do
+
+  it 'is a kind of LoadError', public: true do
+    expect(subject).to be_kind_of LoadError
+  end
+end

data/spec/lib/simple_token_authentication/fallback_authentication_handler_spec.rb

@@ -0,0 +1,24 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::FallbackAuthenticationHandler do
+
+  it_behaves_like 'an authentication handler'
+
+  describe '#authenticate_entity!' do
+
+    it 'delegates authentication to Devise::Controllers::Helpers through a controller', private: true do
+      controller = double()
+      allow(controller).to receive(:authenticate_user!).and_return('Devise response.')
+
+      entity = double()
+      allow(entity).to receive_message_chain(:name_underscore).and_return('user')
+
+      # delegating consists in sending the message
+      expect(controller).to receive(:authenticate_user!)
+      response = subject.authenticate_entity!(controller, entity)
+
+      # and returning the response
+      expect(response).to eq 'Devise response.'
+    end
+  end
+end

data/spec/lib/simple_token_authentication/sign_in_handler_spec.rb

@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::SignInHandler do
+
+  it_behaves_like 'a sign in handler'
+
+  describe '#sign_in' do
+
+    it 'delegates sign in to Devise::Controllers::SignInOut#sign_in through a controller', private: true do
+      controller = double()
+      allow(controller).to receive(:sign_in).with(:record, option: 'some_value').and_return('Devise response.')
+      allow(controller).to receive(:env).and_return({})
+
+      # delegating consists in sending the message
+      expect(controller).to receive(:sign_in)
+      response = subject.sign_in(controller, :record, option: 'some_value')
+
+      # and returning the response
+      expect(response).to eq 'Devise response.'
+    end
+
+    it 'integrates with Devise trackable', protected: true do
+      controller = double()
+      allow(controller).to receive(:sign_in).with(:record)
+      allow(controller).to receive(:integrate_with_devise_trackable!)
+
+      expect(subject).to receive(:integrate_with_devise_trackable!).with(controller)
+      subject.sign_in(controller, :record)
+    end
+  end
+
+  describe '#integrate_with_devise_trackable!' do
+
+    it 'ensures Devise trackable statistics are kept clean', private: true do
+      controller = double()
+      env = double()
+      allow(controller).to receive(:env).and_return(env)
+      expect(env).to receive(:[]=).with('devise.skip_trackable', true)
+
+      subject.send :integrate_with_devise_trackable!, controller
+    end
+  end
+end