stocktwits 1.0.0

data/lib/stocktwits/dispatcher/basic.rb

@@ -0,0 +1,46 @@
+require 'net/http'
+
+module Stocktwits
+  module Dispatcher
+    class Basic
+      include Stocktwits::Dispatcher::Shared
+
+      attr_accessor :user
+
+      def initialize(user)
+        raise Stocktwits::Error, 'Dispatcher must be initialized with a User.' unless user.is_a?(Stocktwits::BasicUser)
+        self.user = user
+      end
+
+      def request(http_method, path, body=nil, *arguments)
+        path = Stocktwits.path_prefix + path
+        path = append_extension_to(path)
+
+        response = Stocktwits.net.start{ |http|
+          req = "Net::HTTP::#{http_method.to_s.capitalize}".constantize.new(path, *arguments)
+          req.basic_auth user.login, user.password
+          req.set_form_data(body) unless body.nil?
+          http.request(req)
+        }
+        
+        handle_response(response)      
+      end
+
+      def get(path, *arguments)
+        request(:get, path, *arguments)
+      end
+
+      def post(path, body='', *arguments)
+        request(:post, path, body, *arguments)
+      end
+
+      def put(path, body='', *arguments)
+        request(:put, path, body, *arguments)
+      end
+
+      def delete(path, *arguments)
+        request(:delete, path, *arguments)
+      end
+    end
+  end
+end

data/lib/stocktwits/dispatcher/oauth.rb

@@ -0,0 +1,26 @@
+require 'oauth'
+
+module Stocktwits
+  module Dispatcher
+    class Oauth < OAuth::AccessToken
+      include Stocktwits::Dispatcher::Shared
+
+      attr_accessor :user
+
+      def initialize(user)
+        raise Stocktwits::Error, 'Dispatcher must be initialized with a User.' unless user.is_a?(Stocktwits::OauthUser) 
+        self.user = user
+        super(Stocktwits.consumer, user.access_token, user.access_secret)
+      end
+
+      def request(http_method, path, *arguments)
+        path = Stocktwits.path_prefix + path
+        path = append_extension_to(path)
+
+        response = super
+
+        handle_response(response)
+      end
+    end
+  end
+end

data/lib/stocktwits/dispatcher/plain.rb

@@ -0,0 +1,44 @@
+require 'net/http'
+
+module Stocktwits
+  module Dispatcher
+    class Plain
+      include Stocktwits::Dispatcher::Shared
+
+      attr_accessor :user
+
+      def initialize(user)
+        raise Stocktwits::Error, 'Dispatcher must be initialized with a User.' unless user.is_a?(Stocktwits::PlainUser)
+        self.user = user
+      end
+
+      def request(http_method, path, body=nil, *arguments)
+        path = Stocktwits.path_prefix + path
+        path = append_extension_to(path)
+        response = Stocktwits.net.start{ |http|
+          req = "Net::HTTP::#{http_method.to_s.capitalize}".constantize.new(path, *arguments)
+          req.set_form_data(body) unless body.nil?
+          http.request(req)
+        }
+        
+        handle_response(response)      
+      end
+
+      def get(path, *arguments)
+        request(:get, path, *arguments)
+      end
+
+      def post(path, body='', *arguments)
+        request(:post, path, body, *arguments)
+      end
+
+      def put(path, body='', *arguments)
+        request(:put, path, body, *arguments)
+      end
+
+      def delete(path, *arguments)
+        request(:delete, path, *arguments)
+      end
+    end
+  end
+end

data/lib/stocktwits/dispatcher/shared.rb

@@ -0,0 +1,42 @@
+module Stocktwits
+  module Dispatcher
+    module Shared
+      
+      # def post!(status)
+      #   self.post('/statuses/update.json', :status => status)
+      # end
+
+      def append_extension_to(path)
+        path, query_string = *(path.split("?"))
+        path << '.json' unless path.match(/\.(:?xml|json)\z/i)
+        "#{path}#{"?#{query_string}" if query_string}"
+      end
+
+      def handle_response(response)
+        case response
+        when Net::HTTPOK 
+          begin
+            JSON.parse(response.body)
+          rescue JSON::ParserError
+            response.body
+          end
+        when Net::HTTPUnauthorized
+          raise Stocktwits::Dispatcher::Unauthorized, 'The credentials provided did not authorize the user.'
+        else
+          message = begin
+            JSON.parse(response.body)['error']
+          rescue JSON::ParserError
+            if match = response.body.match(/<error>(.*)<\/error>/)
+              match[1]
+            else
+              raise response.body
+              'An error occurred processing your Stocktwits request. '
+            end
+          end
+
+          raise Stocktwits::Dispatcher::Error, message
+        end
+      end
+    end
+  end
+end

data/rails/init.rb

@@ -0,0 +1,6 @@
+require 'json'
+require 'oauth'
+require 'ezcrypto'
+require 'stocktwits'
+
+RAILS_DEFAULT_LOGGER.info "** StockTwits initalized properly."

data/spec/application.rb

@@ -0,0 +1 @@
+class ApplicationController < ActionController::Base; end

data/spec/controllers/controller_extensions_spec.rb

@@ -0,0 +1,162 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+ActionController::Routing::Routes.draw do |map|
+  map.connect ':controller/:action/:id'
+end
+
+class StocktwitsTestController < ApplicationController
+  before_filter :login_required, :only => [:login_required_action]
+
+  def login_required_action
+    render :text => "You are logged in!"
+  end
+
+  def fail_auth
+    authentication_failed('Auth FAIL.')
+  end
+
+  def pass_auth
+    if params[:message]
+      authentication_succeeded(params[:message])
+    else
+      authentication_succeeded
+    end
+  end
+
+  def access_denied_action
+    access_denied
+  end
+
+  def redirect_back_action
+    redirect_back_or_default(params[:to] || '/')
+  end
+
+  def logout_keeping_session_action
+    logout_keeping_session!
+    redirect_back_or_default('/')
+  end
+
+  def current_user_action
+    @user = current_user
+    render :nothing => true
+  end
+end
+
+describe StocktwitsTestController do
+  before do
+    controller.stub!(:cookies).and_return({})
+  end
+
+  %w(authentication_failed authentication_succeeded current_user authorized? login_required access_denied store_location redirect_back_or_default logout_keeping_session!).each do |m|
+    it "should respond to the extension method '#{m}'" do
+      controller.should respond_to(m)
+    end
+  end
+
+  describe "#authentication_failed" do
+    it 'should set the flash[:error] to the message passed in' do
+      get :fail_auth
+      flash[:error].should == 'Auth FAIL.'
+    end
+
+    it 'should redirect to the root' do
+      get :fail_auth
+      should redirect_to('/')
+    end
+  end
+
+  describe "#authentication_succeeded" do
+    it 'should set the flash[:notice] to a default success message' do
+      get :pass_auth
+      flash[:notice].should == 'You have logged in successfully.' 
+    end
+
+    it 'should be able ot receive a custom message' do
+      get :pass_auth, :message => 'Eat at Joes.'
+      flash[:notice].should == 'Eat at Joes.'
+    end
+  end
+
+  describe '#current_user' do
+    it 'should find the user based on the session user_id' do
+      user = Factory.create(:stocktwits_oauth_user)
+      request.session[:user_id] = user.id
+      get(:current_user_action)
+      assigns[:user].should == user
+    end
+
+    it 'should log the user in through a cookie' do
+      user = Factory(:stocktwits_oauth_user, :remember_token => 'abc', :remember_token_expires_at => (Time.now + 10.days))
+      controller.stub!(:cookies).and_return({:remember_token => 'abc'})
+      get :current_user_action
+      assigns[:user].should == user
+    end
+
+    it 'should return nil if there is no user matching that id' do
+      request.session[:user_id] = 2345
+      get :current_user_action
+      assigns[:user].should be_nil
+    end
+  end
+
+  describe "#authorized?" do
+    it 'should be true if there is a current_user' do
+      user = Factory.create(:stocktwits_oauth_user)
+      controller.stub!(:current_user).and_return(user)
+      controller.send(:authorized?).should be_true
+    end
+
+    it 'should be false if there is not current_user' do
+      controller.stub!(:current_user).and_return(nil)
+      controller.send(:authorized?).should be_false
+    end
+  end
+
+  describe '#access_denied' do
+    it 'should redirect to the login path' do
+      get :access_denied_action
+      should redirect_to(login_path)
+    end
+
+    it 'should store the location first' do
+      controller.should_receive(:store_location).once
+      get :access_denied_action
+    end
+  end
+
+  describe '#redirect_back_or_default' do
+    it 'should redirect if there is a session[:return_to]' do
+      request.session[:return_to] = '/'
+      get :redirect_back_action, :to => '/notroot'
+      should redirect_to('/')
+    end
+
+    it 'should redirect to the default provided otherwise' do
+      get :redirect_back_action, :to => '/someurl'
+      should redirect_to('/someurl')
+    end
+  end
+
+  describe 'logout_keeping_session!' do
+    before do
+      @user = Factory.create(:stocktwits_oauth_user)
+      request.session[:user_id] = @user.id
+    end
+
+    it 'should unset session[:user_id]' do
+      get :logout_keeping_session_action
+      request.session[:user_id].should be_nil
+    end
+
+    it 'should unset current_user' do
+      controller.send(:current_user).should == @user
+      get :logout_keeping_session_action
+      controller.send(:current_user).should be_false
+    end
+
+    it 'should unset the cookie' do
+      controller.send(:cookies).should_receive(:delete).with(:remember_token)
+      get :logout_keeping_session_action
+    end
+  end
+end

data/spec/controllers/sessions_controller_spec.rb

@@ -0,0 +1,221 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe SessionsController do
+  integrate_views
+
+  describe 'routes' do
+    it 'should route /session/new to SessionsController#new' do
+      params_from(:get, '/session/new').should == {:controller => 'sessions', :action => 'new'}
+    end
+
+    it 'should route /login to SessionsController#new' do
+      params_from(:get, '/login').should == {:controller => 'sessions', :action => 'new'}
+    end
+
+    it 'should route /logout to SessionsController#destroy' do
+      params_from(:get, '/logout').should == {:controller => 'sessions', :action => 'destroy'}
+    end
+
+    it 'should route DELETE /session to SessionsController#destroy' do
+      params_from(:delete, '/session').should == {:controller => 'sessions', :action => 'destroy'}
+    end
+
+    it 'should route /oauth_callback to SessionsController#oauth_callback' do
+      params_from(:get, '/oauth_callback').should == {:controller => 'sessions', :action => 'oauth_callback'}
+    end
+
+    it 'should route POST /session to SessionsController#create' do
+      params_from(:post, '/session').should == {:controller => 'sessions', :action => 'create'}
+    end
+  end
+
+  describe 'with OAuth strategy' do
+    before do
+      stub_oauth!
+    end
+
+    describe '#new' do
+      it 'should retrieve a request token' do
+        get :new
+        assigns[:request_token].token.should == 'faketoken'
+        assigns[:request_token].secret.should == 'faketokensecret'
+      end
+
+      it 'should set session variables for the request token' do
+        get :new
+        session[:request_token].should == 'faketoken'
+        session[:request_token_secret].should == 'faketokensecret'
+      end
+
+      it 'should redirect to the oauth authorization url' do
+        get :new
+        response.should redirect_to('https://twitter.com/oauth/authorize?oauth_token=faketoken')
+      end
+
+      it 'should redirect to the oauth_callback if one is specified' do
+        Stocktwits.stub!(:oauth_callback).and_return('http://localhost:3000/development')
+        Stocktwits.stub!(:oauth_callback?).and_return(true)        
+
+        get :new
+        response.should redirect_to('https://twitter.com/oauth/authorize?oauth_token=faketoken&oauth_callback=' + CGI.escape(Stocktwits.oauth_callback))
+      end
+    end
+
+    describe '#oauth_callback' do
+      describe 'with no session info' do
+        it 'should set the flash[:error]' do
+          get :oauth_callback, :oauth_token => 'faketoken'
+          flash[:error].should == 'No authentication information was found in the session. Please try again.'
+        end
+
+        it 'should redirect to "/" by default' do
+          get :oauth_callback, :oauth_token => 'faketoken'
+          response.should redirect_to('/')
+        end
+
+        it 'should call authentication_failed' do
+          controller.should_receive(:authentication_failed).any_number_of_times
+          get :oauth_callback, :oauth_token => 'faketoken'
+        end
+      end
+
+      describe 'with proper info' do
+        before do
+          @user = Factory.create(:twitter_oauth_user, :twitter_id => '123')
+          @time = Time.now
+          @remember_token = ActiveSupport::SecureRandom.hex(10)
+          
+          Time.stub!(:now).and_return(@time)
+          ActiveSupport::SecureRandom.stub!(:hex).and_return(@remember_token)
+
+          request.session[:request_token] = 'faketoken'
+          request.session[:request_token_secret] = 'faketokensecret'
+          get :oauth_callback, :oauth_token => 'faketoken'
+        end 
+
+        describe 'building the access token' do
+          it 'should rebuild the request token' do
+            correct_token =  OAuth::RequestToken.new(Stocktwits.consumer,'faketoken','faketokensecret')
+            
+            %w(token secret).each do |att|
+              assigns[:request_token].send(att).should == correct_token.send(att)
+            end
+          end
+
+          it 'should exchange the request token for an access token' do
+            assigns[:access_token].should be_a(OAuth::AccessToken)
+            assigns[:access_token].token.should == 'fakeaccesstoken'
+            assigns[:access_token].secret.should == 'fakeaccesstokensecret'
+          end
+
+          it 'should wipe the request token after exchange' do
+            session[:request_token].should be_nil
+            session[:request_token_secret].should be_nil
+          end
+        end
+        
+        describe 'identifying the user' do
+          it "should find the user" do         
+            assigns[:user].should == @user
+          end
+
+          it "should assign the user id to the session" do
+            session[:user_id].should == @user.id
+          end
+
+          it "should call remember me" do
+            @user.reload
+            @user.remember_token.should == @remember_token
+          end
+
+          it "should set a cookie" do
+            cookies[:remember_token].should == @remember_token
+          end
+        end
+
+        describe "when OAuth doesn't work" do
+          before do
+            request.session[:request_token] = 'faketoken'
+            request.session[:request_token_secret] = 'faketokensecret'
+            @request_token =  OAuth::RequestToken.new(Stocktwits.consumer, session[:request_token], session[:request_token_secret])
+            OAuth::RequestToken.stub!(:new).and_return(@request_token)
+          end
+
+          it 'should call authentication_failed when it gets a 401 from OAuth' do
+            @request_token.stub!(:get_access_token).and_raise(Net::HTTPServerException.new('401 "Unauthorized"', '401 "Unauthorized"'))
+            controller.should_receive(:authentication_failed).with('This authentication request is no longer valid. Please try again.')
+            # the should raise_error is hacky because of the expectation
+            # stubbing the proper behavior :-(
+            lambda{get :oauth_callback, :oauth_token => 'faketoken'}.should raise_error(ActionView::MissingTemplate)
+          end
+
+          it 'should call authentication_failed when it gets a different HTTPServerException' do
+            @request_token.stub!(:get_access_token).and_raise(Net::HTTPServerException.new('404 "Not Found"', '404 "Not Found"'))
+            controller.should_receive(:authentication_failed).with('There was a problem trying to authenticate you. Please try again.')
+            lambda{get :oauth_callback, :oauth_token => 'faketoken'}.should raise_error(ActionView::MissingTemplate)
+          end
+        end
+      end
+    end
+  end
+
+  describe 'with Basic strategy' do
+    before do
+      stub_basic!
+    end
+    
+    describe '#new' do
+      it 'should render the new action' do
+        get :new
+        response.should render_template('sessions/new')
+      end
+
+      it 'should render the login form' do
+        get :new
+        response.should have_tag('form[action=/session][id=login_form][method=post]')
+      end
+      
+      describe '#create' do
+        before do
+          @user = Factory.create(:twitter_basic_user, :twitter_id => '123')
+        end
+
+        it 'should call logout_keeping_session! to remove session info' do
+          controller.should_receive(:logout_keeping_session!)
+          post :create
+        end
+
+        it 'should try to authenticate the user' do
+          User.should_receive(:authenticate)
+          post :create
+        end
+
+        it 'should call authentication_failed on authenticate failure' do
+          User.should_receive(:authenticate).and_return(nil)
+          post :create, :login => 'wrong', :password => 'false'
+          response.should redirect_to('/login')
+        end
+
+        it 'should call authentication_succeeded on authentication success' do
+          User.should_receive(:authenticate).and_return(@user)    
+          post :create, :login => 'twitterman', :password => 'cool'
+          response.should redirect_to('/')
+          flash[:notice].should_not be_blank
+        end
+      end
+    end
+
+  end
+
+  describe '#destroy' do
+    it 'should call logout_keeping_session!' do
+      controller.should_receive(:logout_keeping_session!).once
+      get :destroy
+    end
+
+    it 'should redirect to the root' do
+      get :destroy
+      response.should redirect_to('/')
+    end
+  end
+end