stn-simple_token_authentication 1.7.1

data/spec/lib/simple_token_authentication/token_authentication_handler_spec.rb

@@ -0,0 +1,351 @@
+require 'spec_helper'
+
+describe 'Any class which includes SimpleTokenAuthentication::TokenAuthenticationHandler' do
+
+  let(:described_class) do
+    define_dummy_class_which_includes SimpleTokenAuthentication::TokenAuthenticationHandler
+  end
+
+  after(:each) do
+    # ensure_examples_independence
+    SimpleTokenAuthentication.send(:remove_const, :SomeClass)
+  end
+
+  it_behaves_like 'a token authentication handler'
+
+  let(:subject) { described_class }
+
+  describe '.handle_token_authentication_for' do
+
+    before(:each) do
+      double_user_model
+    end
+
+    it 'ensures token authentication is handled for a given (token authenticatable) model', public: true do
+      entities_manager = double()
+      allow(entities_manager).to receive(:find_or_create_entity).and_return('entity')
+
+      # skip steps which are not relevant in this example
+      allow(SimpleTokenAuthentication).to receive(:fallback).and_return('default')
+      allow(subject).to receive(:entities_manager).and_return(entities_manager)
+      allow(subject).to receive(:set_token_authentication_hooks)
+      allow(subject).to receive(:define_token_authentication_helpers_for)
+
+      expect(subject).to receive(:set_token_authentication_hooks).with('entity', {option: 'value', fallback: 'default'})
+      subject.handle_token_authentication_for(User, {option: 'value'})
+    end
+
+    context 'when called multiple times' do
+
+      it 'ensures token authentication is handled for the given (token authenticatable) models', public: true do
+        double_super_admin_model
+        entities_manager = double()
+        allow(entities_manager).to receive(:find_or_create_entity).with(User).and_return('User entity')
+        allow(entities_manager).to receive(:find_or_create_entity).with(SuperAdmin).and_return('SuperAdmin entity')
+
+        # skip steps which are not relevant in this example
+        allow(SimpleTokenAuthentication).to receive(:fallback).and_return('default')
+        allow(subject).to receive(:entities_manager).and_return(entities_manager)
+        allow(subject).to receive(:set_token_authentication_hooks)
+        allow(subject).to receive(:define_token_authentication_helpers_for)
+
+        expect(subject).to receive(:set_token_authentication_hooks).with('User entity', {option: 'value', fallback: 'default'})
+        expect(subject).to receive(:set_token_authentication_hooks).with('SuperAdmin entity', {option: 'some specific value', fallback: 'default'})
+        subject.handle_token_authentication_for(User, {option: 'value'})
+        subject.handle_token_authentication_for(SuperAdmin, {option: 'some specific value'})
+      end
+    end
+  end
+
+  describe '.entities_manager' do
+
+    before(:each) do
+      # The private tag is here to keep the following examples out of
+      # the public documentation.
+      subject.send :public_class_method, :entities_manager
+
+      allow(SimpleTokenAuthentication::EntitiesManager).to receive(:new)
+        .and_return('a EntitiesManager instance')
+    end
+
+    context 'when called for the first time' do
+
+      it 'creates a new EntitiesManager instance', private: true do
+        expect(SimpleTokenAuthentication::EntitiesManager).to receive(:new)
+        expect(subject.entities_manager).to eq 'a EntitiesManager instance'
+      end
+    end
+
+    context 'when a EntitiesManager instance was already created' do
+
+      before(:each) do
+        subject.entities_manager
+        # let's make any new EntitiesManager distinct from the first
+        allow(SimpleTokenAuthentication::EntitiesManager).to receive(:new)
+        .and_return('another EntitiesManager instance')
+      end
+
+      it 'returns that instance', private: true do
+        expect(subject.entities_manager).to eq 'a EntitiesManager instance'
+      end
+
+      it 'does not create a new EntitiesManager instance', private: true do
+        expect(SimpleTokenAuthentication::EntitiesManager).not_to receive(:new)
+        expect(subject.entities_manager).not_to eq 'another EntitiesManager instance'
+      end
+    end
+  end
+
+  describe '.fallback_authentication_handler' do
+
+    before(:each) do
+      # The private tag is here to keep the following examples out of
+      # the public documentation.
+      subject.send :public_class_method, :fallback_authentication_handler
+
+      allow(SimpleTokenAuthentication::FallbackAuthenticationHandler).to receive(:new)
+        .and_return('a FallbackAuthenticationHandler instance')
+    end
+
+    context 'when called for the first time' do
+
+      it 'creates a new FallbackAuthenticationHandler instance', private: true do
+        expect(SimpleTokenAuthentication::FallbackAuthenticationHandler).to receive(:new)
+        expect(subject.fallback_authentication_handler).to eq 'a FallbackAuthenticationHandler instance'
+      end
+    end
+
+    context 'when a FallbackAuthenticationHandler instance was already created' do
+
+      before(:each) do
+        subject.fallback_authentication_handler
+        # let's make any new FallbackAuthenticationHandler distinct from the first
+        allow(SimpleTokenAuthentication::FallbackAuthenticationHandler).to receive(:new)
+        .and_return('another FallbackAuthenticationHandler instance')
+      end
+
+      it 'returns that instance', private: true do
+        expect(subject.fallback_authentication_handler).to eq 'a FallbackAuthenticationHandler instance'
+      end
+
+      it 'does not create a new FallbackAuthenticationHandler instance', private: true do
+        expect(SimpleTokenAuthentication::FallbackAuthenticationHandler).not_to receive(:new)
+        expect(subject.fallback_authentication_handler).not_to eq 'another FallbackAuthenticationHandler instance'
+      end
+    end
+  end
+
+  describe '#find_record_from_identifier', private: true do
+
+    before(:each) do
+      @entity = double()
+    end
+
+    context 'when the Devise config. does not defines the identifier as a case-insentitive key' do
+
+      before(:each) do
+        allow(Devise).to receive_message_chain(:case_insensitive_keys, :include?)
+        .with(:email).and_return(false)
+      end
+
+      context 'when a downcased identifier was provided' do
+
+        before(:each) do
+          allow(@entity).to receive(:get_identifier_from_params_or_headers)
+          .and_return('alice@example.com')
+        end
+
+        it 'returns the proper record if any' do
+          # let's say there is a record
+          record = double()
+          allow(@entity).to receive_message_chain(:model, :where).with(email: 'alice@example.com')
+          .and_return([record])
+
+          expect(subject.new.send(:find_record_from_identifier, @entity)).to eq record
+        end
+      end
+
+      context 'when a upcased identifier was provided' do
+
+        before(:each) do
+          allow(@entity).to receive(:get_identifier_from_params_or_headers)
+          .and_return('AliCe@ExampLe.Com')
+        end
+
+        it 'does not return any record' do
+          # let's say there is a record...
+          record = double()
+          # ...whose identifier is downcased...
+          allow(@entity).to receive_message_chain(:model, :where).with(email: 'alice@example.com')
+          .and_return([record])
+          # ...not upcased
+          allow(@entity).to receive_message_chain(:model, :where).with(email: 'AliCe@ExampLe.Com')
+          .and_return([])
+
+          expect(subject.new.send(:find_record_from_identifier, @entity)).to be_nil
+        end
+      end
+    end
+
+
+    context 'when the Devise config. defines the identifier as a case-insentitive key' do
+
+      before(:each) do
+        allow(Devise).to receive_message_chain(:case_insensitive_keys, :include?)
+        .with(:email).and_return(true)
+      end
+
+      context 'and a downcased identifier was provided' do
+
+        before(:each) do
+          allow(@entity).to receive(:get_identifier_from_params_or_headers)
+          .and_return('alice@example.com')
+        end
+
+        it 'returns the proper record if any' do
+          # let's say there is a record
+          record = double()
+          allow(@entity).to receive_message_chain(:model, :where).with(email: 'alice@example.com')
+          .and_return([record])
+
+          expect(subject.new.send(:find_record_from_identifier, @entity)).to eq record
+        end
+      end
+
+      context 'and a upcased identifier was provided' do
+
+        before(:each) do
+          allow(@entity).to receive(:get_identifier_from_params_or_headers)
+          .and_return('AliCe@ExampLe.Com')
+        end
+
+        it 'returns the proper record if any' do
+          # let's say there is a record...
+          record = double()
+          # ...whose identifier is downcased...
+          allow(@entity).to receive_message_chain(:model, :where)
+          allow(@entity).to receive_message_chain(:model, :where).with(email: 'alice@example.com')
+          .and_return([record])
+          # ...not upcased
+          allow(@entity).to receive_message_chain(:model, :where).with(email: 'AliCe@ExampLe.Com')
+          .and_return([])
+
+          expect(subject.new.send(:find_record_from_identifier, @entity)).to eq record
+        end
+      end
+    end
+  end
+
+  describe 'and which supports the :before_filter hook' do
+
+    before(:each) do
+      allow(subject).to receive(:before_filter)
+    end
+
+    # User
+
+    context 'and which handles token authentication for User' do
+
+      before(:each) do
+        double_user_model
+      end
+
+      it 'ensures its instances require user to authenticate from token or any Devise strategy before any action', public: true do
+        expect(subject).to receive(:before_filter).with(:authenticate_user_from_token!, {})
+        subject.handle_token_authentication_for User
+      end
+
+      context 'and disables the fallback to Devise authentication' do
+
+        let(:options) do
+          { fallback_to_devise: false }
+        end
+
+        it 'ensures its instances require user to authenticate from token before any action', public: true do
+          expect(subject).to receive(:before_filter).with(:authenticate_user_from_token, {})
+          subject.handle_token_authentication_for User, options
+        end
+      end
+
+      describe 'instance' do
+
+        before(:each) do
+          double_user_model
+
+          subject.class_eval do
+            handle_token_authentication_for User
+          end
+        end
+
+        it 'responds to :authenticate_user_from_token', protected: true do
+          expect(subject.new).to respond_to :authenticate_user_from_token
+        end
+
+        it 'responds to :authenticate_user_from_token!', protected: true do
+          expect(subject.new).to respond_to :authenticate_user_from_token!
+        end
+
+        it 'does not respond to :authenticate_super_admin_from_token', protected: true do
+          expect(subject.new).not_to respond_to :authenticate_super_admin_from_token
+        end
+
+        it 'does not respond to :authenticate_super_admin_from_token!', protected: true do
+          expect(subject.new).not_to respond_to :authenticate_super_admin_from_token!
+        end
+      end
+    end
+
+    # SuperAdmin
+
+    context 'and which handles token authentication for SuperAdmin' do
+
+      before(:each) do
+        double_super_admin_model
+      end
+
+      it 'ensures its instances require super_admin to authenticate from token or any Devise strategy before any action', public: true do
+        expect(subject).to receive(:before_filter).with(:authenticate_super_admin_from_token!, {})
+        subject.handle_token_authentication_for SuperAdmin
+      end
+
+      context 'and disables the fallback to Devise authentication' do
+
+        let(:options) do
+          { fallback_to_devise: false }
+        end
+
+        it 'ensures its instances require super_admin to authenticate from token before any action', public: true do
+          expect(subject).to receive(:before_filter).with(:authenticate_super_admin_from_token, {})
+          subject.handle_token_authentication_for SuperAdmin, options
+        end
+      end
+
+      describe 'instance' do
+
+        before(:each) do
+          double_super_admin_model
+
+          subject.class_eval do
+            handle_token_authentication_for SuperAdmin
+          end
+        end
+
+        it 'responds to :authenticate_super_admin_from_token', protected: true do
+          expect(subject.new).to respond_to :authenticate_super_admin_from_token
+        end
+
+        it 'responds to :authenticate_super_admin_from_token!', protected: true do
+          expect(subject.new).to respond_to :authenticate_super_admin_from_token!
+        end
+
+        it 'does not respond to :authenticate_user_from_token', protected: true do
+          expect(subject.new).not_to respond_to :authenticate_user_from_token
+        end
+
+        it 'does not respond to :authenticate_user_from_token!', protected: true do
+          expect(subject.new).not_to respond_to :authenticate_user_from_token!
+        end
+      end
+    end
+  end
+end

data/spec/lib/simple_token_authentication/token_comparator_spec.rb

@@ -0,0 +1,19 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::TokenComparator do
+
+  it_behaves_like 'a token comparator'
+
+  it 'delegates token comparison to Devise.secure_compare', private: true do
+    devise = double()
+    allow(devise).to receive(:secure_compare).and_return('Devise.secure_compare response.')
+    stub_const('Devise', devise)
+
+    # delegating consists in sending the message
+    expect(Devise).to receive(:secure_compare)
+    response = subject.compare('A_raNd0MtoKeN', 'ano4heR-Tok3n')
+
+    # and returning the response
+    expect(response).to eq 'Devise.secure_compare response.'
+  end
+end

data/spec/lib/simple_token_authentication/token_generator_spec.rb

@@ -0,0 +1,19 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication::TokenGenerator do
+
+  it_behaves_like 'a token generator'
+
+  it 'delegates token generation to Devise.friendly_token', private: true do
+    devise = double()
+    allow(devise).to receive(:friendly_token).and_return('FRi3ndlY_TokeN')
+    stub_const('Devise', devise)
+
+    # delegating consists in sending the message
+    expect(Devise).to receive(:friendly_token)
+    response = subject.generate_token
+
+    # and returning the response
+    expect(response).to eq 'FRi3ndlY_TokeN'
+  end
+end

data/spec/lib/simple_token_authentication_spec.rb

@@ -0,0 +1,181 @@
+require 'spec_helper'
+
+describe SimpleTokenAuthentication do
+
+  it 'responds to :ensure_models_can_act_as_token_authenticatables', private: true do
+    expect(subject).to respond_to :ensure_models_can_act_as_token_authenticatables
+  end
+
+  it 'responds to :ensure_controllers_can_act_as_token_authentication_handlers', private: true do
+    expect(subject).to respond_to :ensure_controllers_can_act_as_token_authentication_handlers
+  end
+
+  context 'when ActiveRecord is available' do
+
+    before(:each) do
+      stub_const('ActiveRecord', Module.new)
+      stub_const('ActiveRecord::Base', Class.new)
+
+      # define a dummy ActiveRecord adapter
+      dummy_active_record_adapter = double()
+      allow(dummy_active_record_adapter).to receive(:base_class).and_return(ActiveRecord::Base)
+      stub_const('SimpleTokenAuthentication::Adapters::DummyActiveRecordAdapter',
+                                                       dummy_active_record_adapter)
+    end
+
+    describe '#ensure_models_can_act_as_token_authenticatables' do
+
+      before(:each) do
+        class SimpleTokenAuthentication::DummyModel < ActiveRecord::Base; end
+        @dummy_model = SimpleTokenAuthentication::DummyModel
+
+        expect(@dummy_model.new).to be_instance_of SimpleTokenAuthentication::DummyModel
+        expect(@dummy_model.new).to be_kind_of ActiveRecord::Base
+      end
+
+      after(:each) do
+        SimpleTokenAuthentication.send(:remove_const, :DummyModel)
+      end
+
+      it 'allows any kind of ActiveRecord::Base to act as token authenticatable', private: true do
+        expect(@dummy_model).not_to respond_to :acts_as_token_authenticatable
+
+        subject.ensure_models_can_act_as_token_authenticatables [
+                SimpleTokenAuthentication::Adapters::DummyActiveRecordAdapter]
+
+        expect(@dummy_model).to respond_to :acts_as_token_authenticatable
+      end
+    end
+  end
+
+  context 'when Mongoid is available' do
+
+    before(:each) do
+      stub_const('Mongoid', Module.new)
+      stub_const('Mongoid::Document', Class.new)
+
+      # define a dummy Mongoid adapter
+      dummy_mongoid_adapter = double()
+      allow(dummy_mongoid_adapter).to receive(:base_class).and_return(Mongoid::Document)
+      stub_const('SimpleTokenAuthentication::Adapters::DummyMongoidAdapter',
+                                                       dummy_mongoid_adapter)
+    end
+
+    describe '#ensure_models_can_act_as_token_authenticatables' do
+
+      before(:each) do
+        class SimpleTokenAuthentication::DummyModel < Mongoid::Document; end
+        @dummy_model = SimpleTokenAuthentication::DummyModel
+
+        expect(@dummy_model.new).to be_instance_of SimpleTokenAuthentication::DummyModel
+        expect(@dummy_model.new).to be_kind_of Mongoid::Document
+      end
+
+      after(:each) do
+        SimpleTokenAuthentication.send(:remove_const, :DummyModel)
+      end
+
+      it 'allows any kind of Mongoid::Document to act as token authenticatable', private: true do
+        expect(@dummy_model).not_to respond_to :acts_as_token_authenticatable
+
+        subject.ensure_models_can_act_as_token_authenticatables [
+                SimpleTokenAuthentication::Adapters::DummyMongoidAdapter]
+
+        expect(@dummy_model).to respond_to :acts_as_token_authenticatable
+      end
+    end
+  end
+
+  context 'when no ORM, ODM or OxM is available' do
+
+    before(:each) do
+      stub_const('ActiveRecord', Module.new)
+      stub_const('Mongoid', Module.new)
+    end
+
+    describe '#load_available_adapters' do
+
+      it 'raises NoAdapterAvailableError', private: true do
+        allow(subject).to receive(:require).and_return(true)
+        hide_const('ActiveRecord')
+        hide_const('Mongoid')
+
+        expect do
+          subject.load_available_adapters SimpleTokenAuthentication.model_adapters
+        end.to raise_error SimpleTokenAuthentication::NoAdapterAvailableError
+      end
+    end
+  end
+
+  context 'when ActionController::Base is available' do
+
+    before(:each) do
+      stub_const('ActionController::Base', Class.new)
+
+      # define a dummy ActionController::Base (a.k.a 'Rails') adapter
+      dummy_rails_adapter = double()
+      allow(dummy_rails_adapter).to receive(:base_class).and_return(ActionController::Base)
+      stub_const('SimpleTokenAuthentication::Adapters::DummyRailsAdapter', dummy_rails_adapter)
+    end
+
+    describe '#ensure_controllers_can_act_as_token_authentication_handlers' do
+
+      before(:each) do
+        class SimpleTokenAuthentication::DummyController < ActionController::Base; end
+        @dummy_controller = SimpleTokenAuthentication::DummyController
+
+        expect(@dummy_controller.new).to be_instance_of SimpleTokenAuthentication::DummyController
+        expect(@dummy_controller.new).to be_kind_of ActionController::Base
+      end
+
+      after(:each) do
+        SimpleTokenAuthentication.send(:remove_const, :DummyController)
+      end
+
+      it 'allows any kind of ActionController::Base to acts as token authentication handler', private: true do
+        expect(@dummy_controller).not_to respond_to :acts_as_token_authentication_handler_for
+
+        subject.ensure_controllers_can_act_as_token_authentication_handlers [
+                          SimpleTokenAuthentication::Adapters::DummyRailsAdapter]
+
+        expect(@dummy_controller).to respond_to :acts_as_token_authentication_handler_for
+      end
+    end
+  end
+
+  context 'when ActionController::API is available' do
+
+    before(:each) do
+      stub_const('ActionController::API', Class.new)
+
+      # define a dummy ActionController::API (a.k.a 'Rails API') adapter
+      dummy_rails_adapter = double()
+      allow(dummy_rails_adapter).to receive(:base_class).and_return(ActionController::API)
+      stub_const('SimpleTokenAuthentication::Adapters::DummyRailsAPIAdapter', dummy_rails_adapter)
+    end
+
+    describe '#ensure_controllers_can_act_as_token_authentication_handlers' do
+
+      before(:each) do
+        class SimpleTokenAuthentication::DummyController < ActionController::API; end
+        @dummy_controller = SimpleTokenAuthentication::DummyController
+
+        expect(@dummy_controller.new).to be_instance_of SimpleTokenAuthentication::DummyController
+        expect(@dummy_controller.new).to be_kind_of ActionController::API
+      end
+
+      after(:each) do
+        SimpleTokenAuthentication.send(:remove_const, :DummyController)
+      end
+
+      it 'allows any kind of ActionController::API to acts as token authentication handler', private: true do
+        expect(@dummy_controller).not_to respond_to :acts_as_token_authentication_handler_for
+
+        subject.ensure_controllers_can_act_as_token_authentication_handlers [
+                          SimpleTokenAuthentication::Adapters::DummyRailsAPIAdapter]
+
+        expect(@dummy_controller).to respond_to :acts_as_token_authentication_handler_for
+      end
+    end
+  end
+end