stormpath-sdk 1.1.5 → 1.2.0

data/spec/resource/application_spec.rb

@@ -54,13 +54,13 @@ describe Stormpath::Resource::Application, :vcr do
       credentialed_uri.to_s
     end
 
-    it "raises a LoadError with an invalid url" do
-      expect {
+    it 'raises a LoadError with an invalid url' do
+      expect do
         Stormpath::Resource::Application.load 'this is an invalid url'
-      }.to raise_error(Stormpath::Resource::Application::LoadError)
+      end.to raise_error(Stormpath::Resource::Application::LoadError)
     end
 
-    it "instantiates client and application objects from a composite URL" do
+    it 'instantiates client and application objects from a composite URL' do
       loaded_application = Stormpath::Resource::Application.load(url)
       expect(loaded_application).to eq(application)
     end
@@ -761,9 +761,21 @@ describe Stormpath::Resource::Application, :vcr do
       account.delete if account
     end
 
-    it 'retrieves the account with the reset password' do
-      expect(reset_password_account).to be
-      expect(reset_password_account.email).to eq(account.email)
+    context 'with decoded password reset token' do
+      it 'retrieves the account with the reset password' do
+        expect(reset_password_account).to be
+        expect(reset_password_account.email).to eq(account.email)
+      end
+    end
+
+    context 'with encoded password reset token' do
+      let(:password_reset_token) do
+        URI.encode(application.password_reset_tokens.create(email: account.email).token, '.')
+      end
+      it 'retrieves the account with the reset password' do
+        expect(reset_password_account).to be
+        expect(reset_password_account.email).to eq(account.email)
+      end
     end
 
     context 'and if the password is changed' do
@@ -1041,44 +1053,130 @@ describe Stormpath::Resource::Application, :vcr do
 
     before { account }
 
-    context 'generate access token' do
+    context 'generate access token from password grant request' do
       let(:password_grant_request) { Stormpath::Oauth::PasswordGrantRequest.new account_data[:email], account_data[:password] }
       let(:authenticate_oauth) { application.authenticate_oauth(password_grant_request) }
 
-      it 'should return access token response' do
-        expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+      context 'without organization_name_key' do
+        it 'should return access token response' do
+          expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+        end
+
+        it 'response should contain token data' do
+          expect(authenticate_oauth.access_token).not_to be_empty
+          expect(authenticate_oauth.refresh_token).not_to be_empty
+          expect(authenticate_oauth.token_type).not_to be_empty
+          expect(authenticate_oauth.expires_in).not_to be_nil
+          expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+        end
       end
 
-      it 'response should contain token data' do
-        expect(authenticate_oauth.access_token).not_to be_empty
-        expect(authenticate_oauth.refresh_token).not_to be_empty
-        expect(authenticate_oauth.token_type).not_to be_empty
-        expect(authenticate_oauth.expires_in).not_to be_nil
-        expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+      context 'with the organization name key' do
+        let!(:organization) do
+          test_api_client.organizations.create name: 'rspec-test-org', name_key: 'rspec-test-org'
+        end
+        let(:account_directory) do
+          test_api_client.directories.create(
+            name: 'rspec-directory'
+          )
+        end
+        let(:reloaded_account_directory) do
+          test_api_client.directories.get(account_directory.href)
+        end
+        let(:password_grant_request) do
+          Stormpath::Oauth::PasswordGrantRequest.new(account_data[:email],
+                                                     account_data[:password],
+                                                     organization_name_key: 'rspec-test-org')
+        end
+
+        after do
+          organization.delete
+          reloaded_account_directory.delete
+        end
+
+        before do
+          test_api_client.account_store_mappings.create(
+            application: application,
+            account_store: organization
+          )
+
+          test_api_client.organization_account_store_mappings.create(
+            account_store: { href: account_directory.href },
+            organization: { href: organization.href }
+          )
+
+          account_directory.accounts.create account_data
+        end
+
+        it 'should return access token response' do
+          expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+        end
+
+        it 'response should contain token data' do
+          expect(authenticate_oauth.access_token).not_to be_empty
+          expect(authenticate_oauth.refresh_token).not_to be_empty
+          expect(authenticate_oauth.token_type).not_to be_empty
+          expect(authenticate_oauth.expires_in).not_to be_nil
+          expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+        end
+
+        it 'access and refresh token should contain org in payload' do
+          jw_access = JWT.decode(authenticate_oauth.access_token, test_api_client.data_store.api_key.secret)
+          jw_refresh = JWT.decode(authenticate_oauth.refresh_token, test_api_client.data_store.api_key.secret)
+          expect(jw_access.first).to include('org')
+          expect(jw_refresh.first).to include('org')
+        end
       end
     end
 
-    context 'generate access token from stormpath_request' do
-      let(:stormpath_grant_request) do
-        Stormpath::Oauth::StormpathGrantRequest.new(
-          account,
-          application,
-          test_api_client.data_store.api_key
-        )
-      end
+    context 'generate access token from stormpath_token grant request' do
+      context 'where status authenticated' do
+        let(:stormpath_grant_request) do
+          Stormpath::Oauth::StormpathGrantRequest.new(
+            account,
+            application,
+            test_api_client.data_store.api_key
+          )
+        end
 
-      let(:authenticate_oauth) { application.authenticate_oauth(stormpath_grant_request) }
+        let(:authenticate_oauth) { application.authenticate_oauth(stormpath_grant_request) }
 
-      it 'should return access token response' do
-        expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+        it 'should return access token response' do
+          expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+        end
+
+        it 'response should contain token data' do
+          expect(authenticate_oauth.access_token).not_to be_empty
+          expect(authenticate_oauth.refresh_token).not_to be_empty
+          expect(authenticate_oauth.token_type).not_to be_empty
+          expect(authenticate_oauth.expires_in).not_to be_nil
+          expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+        end
       end
 
-      it 'response should contain token data' do
-        expect(authenticate_oauth.access_token).not_to be_empty
-        expect(authenticate_oauth.refresh_token).not_to be_empty
-        expect(authenticate_oauth.token_type).not_to be_empty
-        expect(authenticate_oauth.expires_in).not_to be_nil
-        expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+      context 'where status registered' do
+        let(:stormpath_grant_request) do
+          Stormpath::Oauth::StormpathGrantRequest.new(
+            account,
+            application,
+            test_api_client.data_store.api_key,
+            :registered
+          )
+        end
+
+        let(:authenticate_oauth) { application.authenticate_oauth(stormpath_grant_request) }
+
+        it 'should return access token response' do
+          expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+        end
+
+        it 'response should contain token data' do
+          expect(authenticate_oauth.access_token).not_to be_empty
+          expect(authenticate_oauth.refresh_token).not_to be_empty
+          expect(authenticate_oauth.token_type).not_to be_empty
+          expect(authenticate_oauth.expires_in).not_to be_nil
+          expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+        end
       end
     end
 
@@ -1100,13 +1198,112 @@ describe Stormpath::Resource::Application, :vcr do
 
       it 'response should contain token data' do
         expect(authenticate_oauth.access_token).not_to be_empty
-        expect(authenticate_oauth.refresh_token).not_to be_empty
         expect(authenticate_oauth.token_type).not_to be_empty
         expect(authenticate_oauth.expires_in).not_to be_nil
         expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
       end
     end
 
+    context 'generate access token from stormpath_social grant request' do
+      let(:authenticate_oauth) { application.authenticate_oauth(social_grant_request) }
+
+      context 'google' do
+        let(:code) { '4/WByqYc1UOvcYluBOsFyFbm8_BIZHbjklC5iEz7AdXcA' }
+        let(:social_grant_request) do
+          Stormpath::Oauth::SocialGrantRequest.new(:google, code: code)
+        end
+        before do
+          stub_request(:post,
+          "https://#{test_api_key_id}:#{test_api_key_secret}@api.stormpath.com/v1/applications/#{application.href.split('/').last}/oauth/token")
+          .to_return(body: Stormpath::Test.mocked_social_grant_response)
+        end
+
+        it 'should return access token response' do
+          expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+        end
+
+        it 'response should contain token data' do
+          expect(authenticate_oauth.access_token).not_to be_empty
+          expect(authenticate_oauth.refresh_token).not_to be_empty
+          expect(authenticate_oauth.token_type).not_to be_empty
+          expect(authenticate_oauth.expires_in).not_to be_nil
+          expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+        end
+      end
+
+      context 'linkedin' do
+        let(:code) { '4/WByqYc1UOvcYluBOsFyFbm8_BIZHbjklC5iEz7AdXcA' }
+        let(:social_grant_request) do
+          Stormpath::Oauth::SocialGrantRequest.new(:linkedin, code: code)
+        end
+        before do
+          stub_request(:post,
+          "https://#{test_api_key_id}:#{test_api_key_secret}@api.stormpath.com/v1/applications/#{application.href.split('/').last}/oauth/token")
+          .to_return(body: Stormpath::Test.mocked_social_grant_response)
+        end
+
+        it 'should return access token response' do
+          expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+        end
+
+        it 'response should contain token data' do
+          expect(authenticate_oauth.access_token).not_to be_empty
+          expect(authenticate_oauth.refresh_token).not_to be_empty
+          expect(authenticate_oauth.token_type).not_to be_empty
+          expect(authenticate_oauth.expires_in).not_to be_nil
+          expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+        end
+      end
+
+      context 'facebook' do
+        let(:access_token) { '4/WByqYc1UOvcYluBOsFyFbm8_BIZHbjklC5iEz7AdXcA' }
+        let(:social_grant_request) do
+          Stormpath::Oauth::SocialGrantRequest.new(:google, access_token: access_token)
+        end
+        before do
+          stub_request(:post,
+          "https://#{test_api_key_id}:#{test_api_key_secret}@api.stormpath.com/v1/applications/#{application.href.split('/').last}/oauth/token")
+          .to_return(body: Stormpath::Test.mocked_social_grant_response)
+        end
+
+        it 'should return access token response' do
+          expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+        end
+
+        it 'response should contain token data' do
+          expect(authenticate_oauth.access_token).not_to be_empty
+          expect(authenticate_oauth.refresh_token).not_to be_empty
+          expect(authenticate_oauth.token_type).not_to be_empty
+          expect(authenticate_oauth.expires_in).not_to be_nil
+          expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+        end
+      end
+
+      context 'github' do
+        let(:access_token) { '4/WByqYc1UOvcYluBOsFyFbm8_BIZHbjklC5iEz7AdXcA' }
+        let(:social_grant_request) do
+          Stormpath::Oauth::SocialGrantRequest.new(:github, access_token: access_token)
+        end
+        before do
+          stub_request(:post,
+          "https://#{test_api_key_id}:#{test_api_key_secret}@api.stormpath.com/v1/applications/#{application.href.split('/').last}/oauth/token")
+          .to_return(body: Stormpath::Test.mocked_social_grant_response)
+        end
+
+        it 'should return access token response' do
+          expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::AccessTokenAuthenticationResult)
+        end
+
+        it 'response should contain token data' do
+          expect(authenticate_oauth.access_token).not_to be_empty
+          expect(authenticate_oauth.refresh_token).not_to be_empty
+          expect(authenticate_oauth.token_type).not_to be_empty
+          expect(authenticate_oauth.expires_in).not_to be_nil
+          expect(authenticate_oauth.stormpath_access_token_href).not_to be_empty
+        end
+      end
+    end
+
     context 'exchange id site token for access_token with invalid jwt' do
       let(:invalid_jwt_token) { 'invalid_token' }
 
@@ -1167,23 +1364,43 @@ describe Stormpath::Resource::Application, :vcr do
     end
 
     context 'validate access token' do
-      let(:access_token) { aquire_token.access_token }
-      let(:authenticate_oauth) { Stormpath::Oauth::VerifyAccessToken.new(application).verify(access_token) }
-
-      it 'should return authentication result response' do
-        expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::VerifyToken)
-      end
-
-      it 'returns success on valid token' do
-        expect(authenticate_oauth.href).not_to be_empty
-        expect(authenticate_oauth.account).to be_a(Stormpath::Resource::Account)
-        expect(authenticate_oauth.account).to eq(account)
-        expect(authenticate_oauth.application).to be_a(Stormpath::Resource::Application)
-        expect(authenticate_oauth.application).to eq(application)
-        expect(authenticate_oauth.jwt).not_to be_empty
-        expect(authenticate_oauth.tenant).to be_a(Stormpath::Resource::Tenant)
-        expect(authenticate_oauth.tenant).to eq(test_api_client.tenant)
-        expect(authenticate_oauth.expanded_jwt).not_to be_empty
+      context 'remotely' do
+        let(:access_token) { aquire_token.access_token }
+        let(:authenticate_oauth) do
+          Stormpath::Oauth::VerifyAccessToken.new(application).verify(access_token)
+        end
+
+        it 'should return authentication result response' do
+          expect(authenticate_oauth).to be_kind_of(Stormpath::Oauth::VerifyTokenResult)
+        end
+
+        it 'returns success on valid token' do
+          expect(authenticate_oauth.href).not_to be_empty
+          expect(authenticate_oauth.account).to be_a(Stormpath::Resource::Account)
+          expect(authenticate_oauth.account).to eq(account)
+          expect(authenticate_oauth.application).to be_a(Stormpath::Resource::Application)
+          expect(authenticate_oauth.application).to eq(application)
+          expect(authenticate_oauth.jwt).not_to be_empty
+          expect(authenticate_oauth.tenant).to be_a(Stormpath::Resource::Tenant)
+          expect(authenticate_oauth.tenant).to eq(test_api_client.tenant)
+          expect(authenticate_oauth.expanded_jwt).not_to be_empty
+        end
+      end
+
+      context 'locally' do
+        let(:access_token) { aquire_token.access_token }
+        let(:authenticate_oauth) do
+          Stormpath::Oauth::VerifyAccessToken.new(application, local: true).verify(access_token)
+        end
+
+        it 'should return local access token verification result' do
+          expect(authenticate_oauth)
+            .to be_kind_of(Stormpath::Oauth::LocalAccessTokenVerificationResult)
+        end
+
+        it 'should return result that contains account' do
+          expect(authenticate_oauth.account).to eq(account)
+        end
       end
     end
 

data/spec/resource/collection_spec.rb

@@ -277,7 +277,7 @@ describe Stormpath::Resource::Collection, :vcr do
 
       # !@#$%^&*()_-+=?><:]}[{'
       # 'jlpicard/!@$%^*()_-+&=?><:]}[{'
-      let(:username) { 'jlpicard/!@$%^ *()_-+=?><:]}[{' }
+      let(:username) { 'jlpicard/!@$%^ *()_-+=?><]}[{' }
 
       let!(:account) do
         directory.accounts.create username: username,
@@ -364,6 +364,64 @@ describe Stormpath::Resource::Collection, :vcr do
       end
     end
 
-  end
+    context 'search accounts by custom data' do
+      let(:directory) { test_api_client.directories.create name: random_directory_name }
+
+      let(:account) do
+        directory.accounts.create(
+          username: 'jlpicard',
+          email: 'capt@enterprise.com',
+          givenName: 'Jean-Luc',
+          surname: 'Picard',
+          password: 'hakunaMatata179Enterprise'
+        )
+      end
+
+      let(:account2) do
+        directory.accounts.create(
+          username: 'jlpicard2',
+          email: 'capt2@enterprise.com',
+          givenName: 'Jean-Luc2',
+          surname: 'Picard2',
+          password: 'hakunaMatata179Enterprise'
+        )
+      end
+
+      after do
+        directory.delete
+      end
 
+      context 'camelCase' do
+        before do
+          account.custom_data['targetAttribute'] = 'findMe'
+          account2.custom_data['targetAttribute'] = 'findMe'
+          account.save
+          account2.save
+        end
+
+        it 'should search accounts by custom data attribute' do
+          expect(account.custom_data['targetAttribute']).to eq 'findMe'
+          expect(directory.accounts.count).to eq 2
+          sleep 1
+          expect(directory.accounts.search('customData.targetAttribute' => 'findMe').count).to eq(2)
+        end
+      end
+
+      context 'snake_case' do
+        before do
+          account.custom_data['target_attribute'] = 'findMe'
+          account2.custom_data['target_attribute'] = 'findMe'
+          account.save
+          account2.save
+        end
+
+        it 'should be able to fetch custom data attributes with snake case' do
+          expect(account.custom_data['target_attribute']).to eq 'findMe'
+          expect(directory.accounts.count).to eq 2
+          sleep 1
+          expect(directory.accounts.search('customData.target_attribute' => 'findMe').count).to eq(2)
+        end
+      end
+    end
+  end
 end

data/spec/resource/directory_spec.rb

@@ -83,7 +83,56 @@ describe Stormpath::Resource::Directory, :vcr do
       end
 
       it 'should be able to create and get a group' do
-        expect(directory.groups.get group.href).to be
+        expect(directory.groups.get(group.href)).to be
+      end
+
+      context 'search' do
+        before do
+          directory.groups.create(name: 'US group', description: 'Described groups from United S.')
+          directory.groups.create(name: 'EU group', description: 'Described groups from Europe')
+        end
+
+        it 'should return groups by name' do
+          expect(directory.groups.search(name: 'US group').count).to eq 1
+        end
+
+        it 'should return groups by description' do
+          expect(directory.groups.search(description: 'Described groups from Europe').count).to eq 1
+        end
+
+        it 'should return groups when searching name with asterisks' do
+          expect(directory.groups.search(name: '*US*').count).to eq 1
+        end
+
+        it 'should return groups when searching description with asterisks' do
+          expect(directory.groups.search(description: '*groups*').count).to eq 2
+        end
+      end
+    end
+
+    context '#organizations' do
+      let(:organization) do
+        test_api_client.organizations.create(name: 'Test organization name',
+                                             name_key: 'test-organization-name-key')
+      end
+
+      let!(:organization_account_store_mappings) do
+        test_api_client.organization_account_store_mappings.create(
+          account_store: { href: directory.href },
+          organization: { href: organization.href }
+        )
+      end
+
+      after do
+        organization.delete
+      end
+
+      it 'should be able to get organizations' do
+        expect(directory.organizations).to include(organization)
+      end
+
+      it 'should be able to get specific organization with organization href' do
+        expect(directory.organizations.get(organization.href)).to eq organization
       end
     end
 
@@ -239,6 +288,38 @@ describe Stormpath::Resource::Directory, :vcr do
       end
     end
 
+    context "BCrypt 2A hashing algorithm" do
+      before do
+        account_store_mapping
+        @account = directory.accounts.create({
+          username: "jlucpicard",
+          email: "captain@enterprise.com",
+          given_name: "Jean-Luc",
+          surname: "Picard",
+          password: "$2a$10$sWvxHJIvkARbp.u2yBpuJeGzNvpxYQo7AYxAJwFRH0HptXSWyqvwy"
+        }, password_format: 'mcf')
+      end
+
+      it 'creates an account' do
+        expect(@account).to be_a Stormpath::Resource::Account
+        expect(@account.username).to eq("jlucpicard")
+        expect(@account.email).to eq("captain@enterprise.com")
+        expect(@account.given_name).to eq("Jean-Luc")
+        expect(@account.surname).to eq("Picard")
+      end
+
+      it 'can authenticate with the account credentials' do
+        auth_request = Stormpath::Authentication::UsernamePasswordRequest.new 'jlucpicard', 'NotSecure'
+        auth_result = application.authenticate_account auth_request
+
+        expect(auth_result).to be_a Stormpath::Authentication::AuthenticationResult
+        expect(auth_result.account).to be_a Stormpath::Resource::Account
+        expect(auth_result.account.email).to eq("captain@enterprise.com")
+        expect(auth_result.account.given_name).to eq("Jean-Luc")
+        expect(auth_result.account.surname).to eq("Picard")
+      end
+    end
+
     context 'with account data as hash' do
       let(:account_email) { random_email }
 

data/spec/resource/organization_spec.rb

@@ -3,7 +3,7 @@ require 'spec_helper'
 describe Stormpath::Resource::Organization, :vcr do
 
   let(:organization) do
-    test_api_client.organizations.create name: 'test_organization',
+    test_api_client.organizations.create name: 'test_ruby_organization',
        name_key: "testorganization", description: 'test organization'
   end
 
@@ -11,11 +11,13 @@ describe Stormpath::Resource::Organization, :vcr do
     organization.delete if organization
   end
 
-  def create_organization_account_store_mapping(organization, account_store)
-    test_api_client.organization_account_store_mappings.create({
+  def create_organization_account_store_mapping(organization, account_store, options = {})
+    test_api_client.organization_account_store_mappings.create(
       account_store: { href: account_store.href },
-      organization: { href: organization.href }
-    })
+      organization: { href: organization.href },
+      is_default_account_store: options[:default_account_store] || false,
+      is_default_group_store: options[:default_group_store] || false
+    )
   end
 
   describe "instances should respond to attribute property methods" do
@@ -93,10 +95,27 @@ describe Stormpath::Resource::Organization, :vcr do
     context 'accounts' do
       let(:directory) { test_api_client.directories.create name: random_directory_name }
 
-      let(:account) { directory.accounts.create({ email: 'rubysdk@example.com', given_name: 'Ruby SDK', password: 'P@$$w0rd',surname: 'SDK' }) }
+      let(:account) do
+        directory.accounts.create(
+          email: 'rubysdk@example.com',
+          given_name: 'Ruby SDK',
+          password: 'P@$$w0rd',
+          surname: 'SDK'
+        )
+      end
+      let(:org_account) do
+        organization.accounts.create(
+          email: 'rubysdk2@example.com',
+          given_name: 'Ruby SDK',
+          password: 'P@$$w0rd',
+          surname: 'SDK'
+        )
+      end
 
       before do
-        create_organization_account_store_mapping(organization, directory)
+        create_organization_account_store_mapping(organization,
+                                                  directory,
+                                                  default_account_store: true)
       end
 
       after do
@@ -104,10 +123,20 @@ describe Stormpath::Resource::Organization, :vcr do
         directory.delete if directory
       end
 
-      it 'returns a collection of groups' do
+      it 'returns a collection of accounts' do
         expect(organization.accounts).to be_kind_of(Stormpath::Resource::Collection)
         expect(organization.accounts).to include(account)
       end
+
+      it 'can create another account' do
+        expect(org_account).to be_kind_of(Stormpath::Resource::Account)
+        expect(organization.accounts).to include(org_account)
+      end
+
+      it 'can get a specific account' do
+        expect(org_account).to be_kind_of(Stormpath::Resource::Account)
+        expect(organization.accounts.get(org_account.href)).to eq org_account
+      end
     end
 
     context 'tenant' do