warden_oauth_provider 1.0.0

data/spec/request_token_spec.rb

@@ -0,0 +1,169 @@
+require 'spec_helper'
+
+describe "Request token" do
+  
+  context "Success", :wip => true do
+    
+    before(:all) do
+      @client_application = Factory.create(:client_application)
+      
+      auth_str = oauth_header({
+        :realm                  => "MoneyBird",
+        :oauth_consumer_key     => @client_application.key,
+        :oauth_signature_method => "PLAINTEXT",
+        :oauth_timestamp        => Time.now.to_i,
+        :oauth_nonce            => Time.now.to_f,
+        :oauth_callback         => "oob",
+        :oauth_signature        => @client_application.secret + "%26"
+      })
+      
+      env = env_with_params("/oauth/request_token", {}, {
+        "HTTP_AUTHORIZATION" => auth_str
+      })
+      @response = setup_rack.call(env)
+      @oauth_response = Hash[*@response.last.first.split("&").collect { |v| v.split("=") }.flatten]
+    end
+    
+    it "should have an oauth token" do
+      @oauth_response.keys.should include("oauth_token")
+      @oauth_response["oauth_token"].should_not be_nil
+    end
+    
+    it "should have an oauth token secret" do
+      @oauth_response.keys.should include("oauth_token_secret")
+      @oauth_response["oauth_token_secret"].should_not be_nil
+    end
+    
+    it "should have an oauth callback confirmed header" do
+      @oauth_response.keys.should include("oauth_callback_confirmed")
+      @oauth_response["oauth_callback_confirmed"].should == "true"
+    end
+    
+    it "should have created a new request token in the database" do
+      WardenOauthProvider::Token::Request.where(:token => @oauth_response["oauth_token"], :secret => @oauth_response["oauth_token_secret"]).count.should == 1
+    end
+    
+  end
+  
+  context "Success with GET" do
+    before(:all) do
+      @client_application = Factory.create(:client_application)
+      
+      auth_params = {
+        :realm                  => "MoneyBird",
+        :oauth_consumer_key     => @client_application.key,
+        :oauth_signature_method => "PLAINTEXT",
+        :oauth_timestamp        => Time.now.to_i,
+        :oauth_nonce            => Time.now.to_f,
+        :oauth_callback         => "oob",
+        :oauth_signature        => @client_application.secret+"&"
+      }
+      
+      env = env_with_params("/oauth/request_token", auth_params, {})
+      @response = setup_rack.call(env)
+      @oauth_response = Hash[*@response.last.first.split("&").collect { |v| v.split("=") }.flatten]
+    end
+    
+    it "should have an oauth token" do
+      @oauth_response.keys.should include("oauth_token")
+      @oauth_response["oauth_token"].should_not be_nil
+    end
+    
+    it "should have an oauth token secret" do
+      @oauth_response.keys.should include("oauth_token_secret")
+      @oauth_response["oauth_token_secret"].should_not be_nil
+    end
+    
+    it "should have an oauth callback confirmed header" do
+      @oauth_response.keys.should include("oauth_callback_confirmed")
+      @oauth_response["oauth_callback_confirmed"].should == "true"
+    end
+    
+    it "should have created a new request token in the database" do
+      WardenOauthProvider::Token::Request.where(:token => @oauth_response["oauth_token"], :secret => @oauth_response["oauth_token_secret"]).count.should == 1
+    end
+  end
+  
+  context "Failure" do
+
+    before(:all) do
+      @client_application = Factory.create(:client_application)
+    end
+
+    it "should response with a 401 if the second request contains the same nonce" do
+      auth_str = oauth_header({
+        :realm                  => "MoneyBird",
+        :oauth_consumer_key     => @client_application.key,
+        :oauth_signature_method => "PLAINTEXT",
+        :oauth_timestamp        => Time.now.to_i,
+        :oauth_nonce            => Time.now.to_f,
+        :oauth_callback         => "oob",
+        :oauth_signature        => @client_application.secret + "%26"
+      })
+      env1 = env_with_params("/oauth/request_token", {}, {
+        "HTTP_AUTHORIZATION" => auth_str
+      })
+      env2 = env_with_params("/oauth/request_token", {}, {
+        "HTTP_AUTHORIZATION" => auth_str
+      })
+      
+      @response1 = setup_rack.call(env1)
+      @response2 = setup_rack.call(env2)
+      @response2.first.should == 401
+    end
+
+    it "should response with a 401 if consumer key is invalid" do
+      auth_str = oauth_header({
+        :realm                  => "MoneyBird",
+        :oauth_consumer_key     => @client_application.key + "invalid",
+        :oauth_signature_method => "PLAINTEXT",
+        :oauth_timestamp        => Time.now.to_i,
+        :oauth_nonce            => Time.now.to_f,
+        :oauth_callback         => "oob",
+        :oauth_signature        => @client_application.secret + "%26"
+      })
+      
+      env = env_with_params("/oauth/request_token", {}, {
+        "HTTP_AUTHORIZATION" => auth_str
+      })
+      @response = setup_rack.call(env)
+      @response.first.should == 401
+    end
+
+    it "should response with a 401 if signature is invalid" do
+      auth_str = oauth_header({
+        :realm                  => "MoneyBird",
+        :oauth_consumer_key     => @client_application.key,
+        :oauth_signature_method => "PLAINTEXT",
+        :oauth_timestamp        => Time.now.to_i,
+        :oauth_nonce            => Time.now.to_f,
+        :oauth_callback         => "oob",
+        :oauth_signature        => @client_application.secret + "%26" + "invalid"
+      })
+      
+      env = env_with_params("/oauth/request_token", {}, {
+        "HTTP_AUTHORIZATION" => auth_str
+      })
+      @response = setup_rack.call(env)
+      @response.first.should == 401
+    end
+
+    it "should response with a 401 if consumer key or signature are invalid" do
+      auth_str = oauth_header({
+        :realm                  => "MoneyBird",
+        :oauth_consumer_key     => @client_application.key + "invalid",
+        :oauth_signature_method => "PLAINTEXT",
+        :oauth_timestamp        => Time.now.to_i,
+        :oauth_nonce            => Time.now.to_f,
+        :oauth_callback         => "oob",
+        :oauth_signature        => @client_application.secret + "%26" + "invalid"
+      })
+      
+      env = env_with_params("/oauth/request_token", {}, {
+        "HTTP_AUTHORIZATION" => auth_str
+      })
+      @response = setup_rack.call(env)
+      @response.first.should == 401
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -0,0 +1,66 @@
+require 'rubygems'
+require 'bundler/setup'
+require 'rspec'
+require 'rspec/mocks'
+require 'warden_oauth_provider'
+require 'rack'
+require 'sqlite3'
+require 'factory_girl'
+require 'logger'
+
+require 'helpers/factories'
+require 'helpers/request_helper'
+
+RSpec.configure do |config|
+  config.mock_with :rspec
+  
+  config.include(RequestHelper)
+end
+
+ActiveRecord::Base.establish_connection(:adapter => 'sqlite3', :database => ':memory:')
+ActiveRecord::Migration.verbose = false
+ActiveRecord::Base.logger = Logger.new("test.log")
+
+ActiveRecord::Schema.define do
+  create_table :client_applications, :force => true do |t|
+    t.string :name
+    t.string :url
+    t.string :support_url
+    t.string :callback_url
+    t.string :key, :limit => 40
+    t.string :secret, :limit => 40
+    t.integer :user_id
+
+    t.timestamps
+  end
+  add_index :client_applications, :key, :unique => true
+  
+  create_table :oauth_tokens, :force => true do |t|
+    t.integer :user_id
+    t.string :type, :limit => 20
+    t.integer :client_application_id
+    t.string :token, :limit => 40
+    t.string :secret, :limit => 40
+    t.string :callback_url
+    t.string :verifier, :limit => 20
+    t.string :scope
+    t.timestamp :authorized_at, :invalidated_at, :valid_to
+    t.timestamps
+  end
+  add_index :oauth_tokens, :token, :unique => true
+  
+  create_table :oauth_nonces do |t|
+    t.string :nonce
+    t.integer :timestamp
+
+    t.timestamps
+  end
+  add_index :oauth_nonces,[:nonce, :timestamp], :unique
+  
+  create_table :users, :force => true do |t|
+    t.string :name
+  end
+end
+
+class User < ActiveRecord::Base
+end

data/spec/token_spec.rb

@@ -0,0 +1,222 @@
+require 'spec_helper'
+
+describe WardenOauthProvider::Token::Request do
+
+  before(:all) do
+    @client_application = Factory(:client_application)
+  end
+
+  before(:each) do
+    @token = WardenOauthProvider::Token::Request.create :client_application_id => @client_application.id
+  end
+
+  it "should be valid" do
+    @token.should be_valid
+  end
+
+  it "should not have errors" do
+    @token.errors.should_not == []
+  end
+
+  it "should have a token" do
+    @token.token.should_not be_nil
+  end
+
+  it "should have a secret" do
+    @token.secret.should_not be_nil
+  end
+
+  it "should not be authorized" do
+    @token.should_not be_authorized
+  end
+
+  it "should not be invalidated" do
+    @token.should_not be_invalidated
+  end
+
+  it "should not have a verifier" do
+    @token.verifier.should be_nil
+  end
+
+  it "should be oob" do
+    @token.should be_oob
+  end
+
+  describe "OAuth 1.0a" do
+
+    describe "with provided callback" do
+      before(:each) do
+        @token.callback_url="http://test.com/callback"
+      end
+
+      it "should not be oob" do
+        @token.should_not be_oob
+      end
+
+      describe "authorize request" do
+        before(:each) do
+          @user = Factory(:user)
+          @token.authorize!(@user)
+        end
+
+        it "should be authorized" do
+          @token.should be_authorized
+        end
+
+        it "should have authorized at" do
+          @token.authorized_at.should_not be_nil
+        end
+
+        it "should have user set" do
+          @token.user.should == @user
+        end
+
+        it "should have verifier" do
+          @token.verifier.should_not be_nil
+        end
+
+        describe "exchange for access token" do
+
+          before(:each) do
+            @access = @token.exchange!(@token.verifier)
+          end
+
+          it "should be valid" do
+            @access.should be_valid
+          end
+
+          it "should have no error messages" do
+            @access.errors.full_messages.should==[]
+          end
+
+          it "should invalidate request token" do
+            @token.should be_invalidated
+          end
+
+          it "should set user on access token" do
+            @access.user.should == @user
+          end
+
+          it "should authorize accesstoken" do
+            @access.should be_authorized
+          end
+        end
+
+        describe "attempt exchange with invalid verifier (OAuth 1.0a)" do
+
+          before(:each) do
+            @value = @token.exchange!("invalidverifier")
+          end
+
+          it "should return false" do
+            @value.should==false
+          end
+
+          it "should not invalidate request token" do
+            @token.should_not be_invalidated
+          end
+        end
+
+      end
+
+      describe "attempt exchange with out authorization" do
+
+        before(:each) do
+          @value = @token.exchange!("invalidverifier")
+        end
+
+        it "should return false" do
+          @value.should==false
+        end
+
+        it "should not invalidate request token" do
+          @token.should_not be_invalidated
+        end
+      end
+
+    end
+
+    describe "with oob callback" do
+      before(:each) do
+        @token.callback_url='oob'
+      end
+
+      it "should be oob" do
+        @token.should be_oob
+      end
+
+      describe "authorize request" do
+        before(:each) do
+          @user = Factory(:user)
+          @token.authorize!(@user)
+        end
+
+        it "should be authorized" do
+          @token.should be_authorized
+        end
+
+        it "should have authorized at" do
+          @token.authorized_at.should_not be_nil
+        end
+
+        it "should have user set" do
+          @token.user.should == @user
+        end
+
+        it "should have verifier" do
+          @token.verifier.should_not be_nil
+        end
+
+        describe "exchange for access token" do
+
+          before(:each) do
+            @access = @token.exchange!(@token.verifier)
+          end
+
+          it "should invalidate request token" do
+            @token.should be_invalidated
+          end
+
+          it "should set user on access token" do
+            @access.user.should == @user
+          end
+
+          it "should authorize accesstoken" do
+            @access.should be_authorized
+          end
+        end
+
+        describe "attempt exchange with invalid verifier (OAuth 1.0a)" do
+
+          before(:each) do
+            @value = @token.exchange!("foobar")
+          end
+
+          it "should return false" do
+            @value.should==false
+          end
+
+          it "should not invalidate request token" do
+            @token.should_not be_invalidated
+          end
+        end
+
+      end
+
+      describe "attempt exchange with out authorization invalid verifier" do
+
+        before(:each) do
+          @value = @token.exchange!("foobar")
+        end
+
+        it "should return false" do
+          @value.should==false
+        end
+
+        it "should not invalidate request token" do
+          @token.should_not be_invalidated
+        end
+      end
+    end
+  end
+end