wordjelly-auth 0.0.3 → 0.0.4
- checksums.yaml +4 -4
- data/lib/auth/version.rb +1 -1
- data/spec/auth_test.rb +7 -0
- data/spec/controllers/auth/admin_create_users_controller_spec.rb +141 -0
- data/spec/controllers/auth/clients_controller_spec.rb +223 -0
- data/spec/controllers/auth/search_controller_spec.rb +5 -0
- data/spec/controllers/auth/shopping/discounts_controller_spec.rb +54 -0
- data/spec/controllers/auth/users/profiles_controller_spec.rb +5 -0
- data/spec/dummy/README.rdoc +28 -0
- data/spec/dummy/Rakefile +6 -0
- data/spec/dummy/app/assets/javascripts/activity.js +2 -0
- data/spec/dummy/app/assets/javascripts/application.js +16 -0
- data/spec/dummy/app/assets/javascripts/home.js +2 -0
- data/spec/dummy/app/assets/javascripts/pollymer.min.js +170 -0
- data/spec/dummy/app/assets/javascripts/tests.js +2 -0
- data/spec/dummy/app/assets/javascripts/topics.js +2 -0
- data/spec/dummy/app/assets/stylesheets/activity.css +4 -0
- data/spec/dummy/app/assets/stylesheets/application.scss +16 -0
- data/spec/dummy/app/assets/stylesheets/home.css +4 -0
- data/spec/dummy/app/assets/stylesheets/tests.css +4 -0
- data/spec/dummy/app/assets/stylesheets/topics.css +4 -0
- data/spec/dummy/app/controllers/activity_controller.rb +3 -0
- data/spec/dummy/app/controllers/admins/confirmations_controller.rb +28 -0
- data/spec/dummy/app/controllers/admins/omniauth_callbacks_controller.rb +28 -0
- data/spec/dummy/app/controllers/admins/passwords_controller.rb +32 -0
- data/spec/dummy/app/controllers/admins/registrations_controller.rb +60 -0
- data/spec/dummy/app/controllers/admins/sessions_controller.rb +5 -0
- data/spec/dummy/app/controllers/admins/unlocks_controller.rb +28 -0
- data/spec/dummy/app/controllers/application_controller.rb +49 -0
- data/spec/dummy/app/controllers/home_controller.rb +13 -0
- data/spec/dummy/app/controllers/otp_controller.rb +3 -0
- data/spec/dummy/app/controllers/shopping/cart_items_controller.rb +28 -0
- data/spec/dummy/app/controllers/shopping/carts_controller.rb +4 -0
- data/spec/dummy/app/controllers/shopping/discounts_controller.rb +3 -0
- data/spec/dummy/app/controllers/shopping/payments_controller.rb +5 -0
- data/spec/dummy/app/controllers/shopping/products_controller.rb +2 -0
- data/spec/dummy/app/controllers/tests_controller.rb +58 -0
- data/spec/dummy/app/controllers/topics_controller.rb +63 -0
- data/spec/dummy/app/controllers/users/sessions_controller.rb +3 -0
- data/spec/dummy/app/controllers/webhooks_controller.rb +13 -0
- data/spec/dummy/app/helpers/activity_helper.rb +2 -0
- data/spec/dummy/app/helpers/api/v1/token_auth_helper.rb +2 -0
- data/spec/dummy/app/helpers/application_helper.rb +2 -0
- data/spec/dummy/app/helpers/home_helper.rb +2 -0
- data/spec/dummy/app/helpers/tests_helper.rb +2 -0
- data/spec/dummy/app/helpers/topics_helper.rb +2 -0
- data/spec/dummy/app/mailers/application_mailer.rb +4 -0
- data/spec/dummy/app/mailers/new.rb +3 -0
- data/spec/dummy/app/models/activity.rb +3 -0
- data/spec/dummy/app/models/admin.rb +12 -0
- data/spec/dummy/app/models/noti.rb +48 -0
- data/spec/dummy/app/models/noti_response.rb +9 -0
- data/spec/dummy/app/models/shopping/cart.rb +3 -0
- data/spec/dummy/app/models/shopping/cart_item.rb +7 -0
- data/spec/dummy/app/models/shopping/discount.rb +3 -0
- data/spec/dummy/app/models/shopping/payment.rb +16 -0
- data/spec/dummy/app/models/shopping/product.rb +6 -0
- data/spec/dummy/app/models/test.rb +5 -0
- data/spec/dummy/app/models/topic.rb +75 -0
- data/spec/dummy/app/models/user.rb +95 -0
- data/spec/dummy/app/views/home/index.html.erb +6 -0
- data/spec/dummy/app/views/home/send_notification.html.erb +2 -0
- data/spec/dummy/app/views/layouts/application.html.erb +26 -0
- data/spec/dummy/app/views/layouts/mailer.html.erb +8 -0
- data/spec/dummy/app/views/layouts/mailer.text.erb +1 -0
- data/spec/dummy/app/views/new/notification.html.erb +1 -0
- data/spec/dummy/app/views/new/notification.text.erb +1 -0
- data/spec/dummy/app/views/shopping/_navigation_options.html.erb +1 -0
- data/spec/dummy/app/views/tests/_form.html.erb +25 -0
- data/spec/dummy/app/views/tests/edit.html.erb +6 -0
- data/spec/dummy/app/views/tests/index.html.erb +33 -0
- data/spec/dummy/app/views/tests/new.html.erb +5 -0
- data/spec/dummy/app/views/tests/show.html.erb +14 -0
- data/spec/dummy/app/views/topics/_form.html.erb +25 -0
- data/spec/dummy/app/views/topics/edit.html.erb +6 -0
- data/spec/dummy/app/views/topics/index.html.erb +29 -0
- data/spec/dummy/app/views/topics/new.html.erb +5 -0
- data/spec/dummy/app/views/topics/show.html.erb +14 -0
- data/spec/dummy/app/views/users/sessions/create.js.erb +6 -0
- data/spec/dummy/bin/bundle +3 -0
- data/spec/dummy/bin/rails +4 -0
- data/spec/dummy/bin/rake +4 -0
- data/spec/dummy/bin/setup +29 -0
- data/spec/dummy/config.ru +8 -0
- data/spec/dummy/config/application.rb +31 -0
- data/spec/dummy/config/boot.rb +5 -0
- data/spec/dummy/config/environment.rb +4 -0
- data/spec/dummy/config/environments/development.rb +57 -0
- data/spec/dummy/config/environments/production.rb +92 -0
- data/spec/dummy/config/environments/test.rb +44 -0
- data/spec/dummy/config/initializers/assets.rb +11 -0
- data/spec/dummy/config/initializers/aws.rb +15 -0
- data/spec/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/spec/dummy/config/initializers/cookies_serializer.rb +3 -0
- data/spec/dummy/config/initializers/devise.rb +273 -0
- data/spec/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/spec/dummy/config/initializers/inflections.rb +16 -0
- data/spec/dummy/config/initializers/mime_types.rb +4 -0
- data/spec/dummy/config/initializers/preinitializer.rb +167 -0
- data/spec/dummy/config/initializers/redis.rb +9 -0
- data/spec/dummy/config/initializers/session_store.rb +3 -0
- data/spec/dummy/config/initializers/wrap_parameters.rb +9 -0
- data/spec/dummy/config/locales/devise.en.yml +62 -0
- data/spec/dummy/config/locales/en.yml +25 -0
- data/spec/dummy/config/mongoid.yml +142 -0
- data/spec/dummy/config/redis.yml +14 -0
- data/spec/dummy/config/routes.rb +38 -0
- data/spec/dummy/config/secrets.yml +22 -0
- data/spec/dummy/db/seeds.rb +48 -0
- data/spec/dummy/lib/admin/parameter_sanitizer.rb +9 -0
- data/spec/dummy/lib/assets/files/test_names.json +1 -0
- data/spec/dummy/lib/user/parameter_sanitizer.rb +8 -0
- data/spec/dummy/public/404.html +67 -0
- data/spec/dummy/public/422.html +67 -0
- data/spec/dummy/public/500.html +66 -0
- data/spec/dummy/public/favicon.ico +0 -0
- data/spec/dummy/shoryuken.yml +5 -0
- data/spec/dummy/sidekiq.yml +9 -0
- data/spec/dummy/sidekiq_prep.sh +6 -0
- data/spec/dummy/spec/controllers/activity_controller_spec.rb +5 -0
- data/spec/dummy/spec/controllers/tests_controller_spec.rb +141 -0
- data/spec/dummy/spec/factories/tests.rb +6 -0
- data/spec/dummy/spec/fixtures/new/send_notification +3 -0
- data/spec/dummy/spec/helpers/activity_helper_spec.rb +15 -0
- data/spec/dummy/spec/helpers/tests_helper_spec.rb +15 -0
- data/spec/dummy/spec/mailers/new_spec.rb +18 -0
- data/spec/dummy/spec/mailers/previews/new_preview.rb +13 -0
- data/spec/dummy/spec/models/test_spec.rb +5 -0
- data/spec/dummy/spec/requests/tests_spec.rb +10 -0
- data/spec/dummy/spec/routing/tests_routing_spec.rb +39 -0
- data/spec/dummy/spec/views/tests/edit.html.erb_spec.rb +21 -0
- data/spec/dummy/spec/views/tests/index.html.erb_spec.rb +22 -0
- data/spec/dummy/spec/views/tests/new.html.erb_spec.rb +21 -0
- data/spec/dummy/spec/views/tests/show.html.erb_spec.rb +16 -0
- data/spec/dummy/test/controllers/api/v1/token_auth_controller_test.rb +7 -0
- data/spec/dummy/test/controllers/home_controller_test.rb +9 -0
- data/spec/dummy/test/controllers/oauth_tests_controller_test.rb +7 -0
- data/spec/dummy/test/fixtures/oauth_tests.yml +11 -0
- data/spec/dummy/test/fixtures/users.yml +7 -0
- data/spec/dummy/test/models/oauth_test_test.rb +7 -0
- data/spec/dummy/test/models/user_test.rb +7 -0
- data/spec/factories/client_factory.rb +77 -0
- data/spec/features/additional_login_param_feature_spec.rb +63 -0
- data/spec/features/extension_spec.rb +680 -0
- data/spec/features/redirect_disable_spec.rb +74 -0
- data/spec/fixtures/auth/clients.yml +13 -0
- data/spec/helpers/auth/admin_create_users_helper_spec.rb +15 -0
- data/spec/helpers/auth/resource_helper_spec.rb +15 -0
- data/spec/helpers/auth/search_helper_spec.rb +15 -0
- data/spec/helpers/auth/users/profiles_helper_spec.rb +15 -0
- data/spec/integration/navigation_test.rb +8 -0
- data/spec/mailers/auth/notifier_spec.rb +5 -0
- data/spec/mailers/previews/auth/notifier_preview.rb +4 -0
- data/spec/models/auth/admin_create_user_spec.rb +5 -0
- data/spec/models/auth/client_test.rb +9 -0
- data/spec/models/auth/shopping/discount_spec.rb +5 -0
- data/spec/rails_helper.rb +70 -0
- data/spec/requests/admin/confirmation_request_spec.rb +164 -0
- data/spec/requests/admin/password_request_spec.rb +191 -0
- data/spec/requests/admin/registration_request_spec.rb +574 -0
- data/spec/requests/admin/session_request_spec.rb +352 -0
- data/spec/requests/admin/unlock_request_spec.rb +178 -0
- data/spec/requests/admin_create_user_request_spec.rb +303 -0
- data/spec/requests/background_job_request_spec.rb +28 -0
- data/spec/requests/cart_item_request_spec.rb +381 -0
- data/spec/requests/cart_request_spec.rb +451 -0
- data/spec/requests/client_request_spec.rb +65 -0
- data/spec/requests/discount_request_spec.rb +589 -0
- data/spec/requests/payment_request_spec.rb +1254 -0
- data/spec/requests/search_request_spec.rb +173 -0
- data/spec/requests/topic_request_spec.rb +138 -0
- data/spec/requests/user/additional_login_param_and_email_validation_spec.rb +673 -0
- data/spec/requests/user/confirmation_request_spec.rb +189 -0
- data/spec/requests/user/omniauth_callbacks_request_spec.rb +682 -0
- data/spec/requests/user/otp_basic_flow_request_spec.rb +512 -0
- data/spec/requests/user/password_request_spec.rb +216 -0
- data/spec/requests/user/registration_request_spec.rb +615 -0
- data/spec/requests/user/session_request_spec.rb +361 -0
- data/spec/requests/user/unlock_request_spec.rb +208 -0
- data/spec/routing/admin/admin_routes_spec.rb +15 -0
- data/spec/routing/auth/admin_create_users_routing_spec.rb +39 -0
- data/spec/routing/clients_controller_routes_spec.rb +75 -0
- data/spec/routing/engine_routes_spec.rb +16 -0
- data/spec/spec_helper.rb +138 -0
- data/spec/support/factory_girl.rb +3 -0
- data/spec/support/omniauth_macros.rb +195 -0
- data/spec/support/payumoney_support.rb +11 -0
- data/spec/support/sign_in_support.rb +361 -0
- data/spec/support/wait_for_ajax.rb +11 -0
- data/spec/views/auth/admin_create_users/edit.html.erb_spec.rb +14 -0
- data/spec/views/auth/admin_create_users/index.html.erb_spec.rb +14 -0
- data/spec/views/auth/admin_create_users/new.html.erb_spec.rb +14 -0
- data/spec/views/auth/admin_create_users/show.html.erb_spec.rb +11 -0
- data/spec/views/auth/shopping/discounts/create.html.erb_spec.rb +5 -0
- data/spec/views/auth/shopping/discounts/destroy.html.erb_spec.rb +5 -0
- data/spec/views/auth/shopping/discounts/edit.html.erb_spec.rb +5 -0
- data/spec/views/auth/shopping/discounts/index.html.erb_spec.rb +5 -0
- data/spec/views/auth/shopping/discounts/new.html.erb_spec.rb +5 -0
- data/spec/views/auth/shopping/discounts/show.html.erb_spec.rb +5 -0
- data/spec/views/auth/shopping/discounts/update.html.erb_spec.rb +5 -0
- data/spec/views/profile/show.html.erb_spec.rb +5 -0
- metadata +401 -3
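--- a/data/spec/requests/user/confirmation_request_spec.rb
+++ b/data/spec/requests/user/confirmation_request_spec.rb
@@ -0,0 +1,189 @@
+require "rails_helper"
+
+RSpec.describe "confirmation request spec",:confirmation => true,:authentication => true, :type => :request do
+
+before(:example) do
+ActionController::Base.allow_forgery_protection = false
+User.delete_all
+Auth::Client.delete_all
+@u = User.new(attributes_for(:user))
+@u.save
+##HERE THE USER IS NOT CONFIRMED, SO THE CLIENT IS NOT CREATED IN THE AFTER_sAVE BLOCK.
+##AS A RESULT WE MANUALLY CREATE A CLIENT.
+##WE USE THIS SAME CLIENT FOR THE API_KEY AND REDIRECT_URL.
+##NORMALLY THIS WOULD BE A CLIENT OF ANOTHER USER, ENTIRELY.
+@c = Auth::Client.new(:resource_id => @u.id)
+@c.api_key = "test"
+@c.redirect_urls = ["http://www.google.com"]
+@c.app_ids << "test_app_id"
+@c.versioned_create
+@ap_key = @c.api_key
+end
+
+after(:example) do
+User.delete_all
+Auth::Client.delete_all
+end
+
+context "-- web app requests" do
+
+before(:example) do
+
+ActionController::Base.allow_forgery_protection = false
+
+end
+
+context "-- no api key" do
+
+it "-- get request is successfull" do
+
+get new_user_confirmation_path,{}
+expect(response.code).to eq("200")
+end
+
+it "-- create request is successfull" do
+prev_msg_count = ActionMailer::Base.deliveries.size
+post user_confirmation_path,{user:{email: @u.email}}
+expect(response.code).to eq("302")
+message = ActionMailer::Base.deliveries[-1].to_s
+confirmation_token = nil
+message.scan(/confirmation_token=(?<confirmation_token>.*)\"/) do |ll|
+
+j = Regexp.last_match
+confirmation_token = j[:confirmation_token]
+
+end
+new_msg_count = ActionMailer::Base.deliveries.size
+expect(confirmation_token).not_to be(nil)
+expect(new_msg_count - prev_msg_count).to eq(1)
+end
+
+it "-- show request is successfull" do
+##should return redirect.
+message = ActionMailer::Base.deliveries[-1].to_s
+confirmation_token = nil
+message.scan(/confirmation_token=(?<confirmation_token>.*)\"/) do |ll|
+
+j = Regexp.last_match
+confirmation_token = j[:confirmation_token]
+
+end
+get user_confirmation_path,{confirmation_token: confirmation_token}
+@u.reload
+expect(@u.confirmed_at).not_to be(nil)
+
+end
+
+end
+
+context "-- valid api key + redirect url" do
+
+
+it "-- get request, client created, but no redirection" do
+get new_user_confirmation_path, {redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
+expect(response.code).to eq("200")
+
+end
+
+it "-- create request, client created, but no redirection" do
+prev_msg_count = ActionMailer::Base.deliveries.size
+post user_confirmation_path,{user:{email: @u.email},redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
+
+expect(session[:client]).not_to be_nil
+expect(session[:redirect_url]).not_to be_nil
+expect(response.location=~/google/).to be_nil
+expect(response.code).to eq("302")
+message = ActionMailer::Base.deliveries[-1].to_s
+confirmation_token = nil
+message.scan(/confirmation_token=(?<confirmation_token>.*)\"/) do |ll|
+
+j = Regexp.last_match
+confirmation_token = j[:confirmation_token]
+
+end
+new_msg_count = ActionMailer::Base.deliveries.size
+expect(confirmation_token).not_to be(nil)
+expect(new_msg_count - prev_msg_count).to eq(1)
+expect(response).not_to redirect_to("http://www.google.com?authentication_token=#{@u.authentication_token}&es=#{@u.client_authentication[@c.app_ids[0]]}")
+end
+
+##redirection on show action is tested in the feature specs.
+##what that does is first visits the sign in page with a redirect url and api key, then goes to sign up, then signs up, then visits the confirmation_url page and is successfully redirected to the redirect url with the correct authentication_token and es.
+
+end
+
+end
+
+context "-- json requests " do
+before(:all) do
+@headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
+end
+context "-- no api key" do
+
+it "-- get request returns 406" do
+get new_user_confirmation_path,nil,@headers
+expect(response.code).to eq("406")
+end
+
+it "-- create request returns not authenticated" do
+post user_confirmation_path,{user:{email: @u.email}}.to_json,@headers
+expect(response.code).to eq("401")
+end
+
+it "-- show request returns not authenticated" do
+get user_confirmation_path,{confirmation_token: "dog"}.to_json,@headers
+expect(response.code).to eq("401")
+end
+
+end
+
+
+context "-- valid api key" do
+
+
+it "-- get request returns 406" do
+get new_user_confirmation_path,{api_key: @ap_key,:current_app_id => "test_app_id"}.to_json,@headers
+expect(response.code).to eq("406")
+end
+
+it "-- create request works" do
+prev_msg_count = ActionMailer::Base.deliveries.size
+
+
+post user_confirmation_path,{user:{email: @u.email}, api_key: @ap_key,:current_app_id => "test_app_id"}.to_json,@headers
+
+message = ActionMailer::Base.deliveries[-1].to_s
+confirmation_token = nil
+message.scan(/confirmation_token=(?<confirmation_token>.*)\"/) do |ll|
+
+j = Regexp.last_match
+confirmation_token = j[:confirmation_token]
+
+end
+new_msg_count = ActionMailer::Base.deliveries.size
+expect(confirmation_token).not_to be(nil)
+expect(new_msg_count - prev_msg_count).to eq(1)
+expect(response.code).to eq("201")
+
+end
+
+it "-- show request works --" do
+message = ActionMailer::Base.deliveries[-1].to_s
+confirmation_token = nil
+message.scan(/confirmation_token=(?<confirmation_token>.*)\"/) do |ll|
+
+j = Regexp.last_match
+confirmation_token = j[:confirmation_token]
+
+end
+get user_confirmation_path,{confirmation_token: confirmation_token, api_key: @ap_key, :current_app_id => "test_app_id"}, @headers
+@u.reload
+expect(@u.confirmed_at).not_to be(nil)
+expect(response.code).to eq("201")
+end
+
+end
+
+end
+
+end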
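Review bot: The "-- valid api key + redirect url" context only exercises the URL that is registered on the client (`http://www.google.com`), so nothing in this spec fails if the engine begins to accept a `redirect_url` that is not in `@c.redirect_urls`, or an `api_key` that does not match the client. The `redirect_to` string on new line 107 shows that the redirect carries `authentication_token` and `es` in the query string, so that allow-list is what keeps those values from being sent to an arbitrary host and deserves a negative example. I would add one that posts an unlisted `redirect_url` and asserts something like `expect(session[:redirect_url]).to be_nil`; the exact expectation depends on how the engine rejects the URL, which is not visible on this page. Separately, both "show request" examples read `ActionMailer::Base.deliveries[-1]` and pass the extracted value straight to `get user_confirmation_path` without checking it, so `expect(confirmation_token).not_to be(nil)` before the `get` would stop a nil token from being sent, and narrowing the greedy `.*` in the scan to `[^"&]+` would keep the capture from running past the token.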
@@ -0,0 +1,682 @@
|
|
1
|
+
require "rails_helper"
|
2
|
+
|
3
|
+
RSpec.describe "Omniauth requests", :type => :request,:authentication => true, :omniauth => true do
|
4
|
+
|
5
|
+
|
6
|
+
|
7
|
+
context " -- google_oauth_2 ", :oauth => true do
|
8
|
+
before(:each) do
|
9
|
+
|
10
|
+
User.delete_all
|
11
|
+
Auth::Client.delete_all
|
12
|
+
@u = User.new(attributes_for(:user_confirmed))
|
13
|
+
@u.save
|
14
|
+
@c = Auth::Client.new(:resource_id => @u.id, :api_key => "test")
|
15
|
+
@c.redirect_urls = ["http://www.google.com"]
|
16
|
+
@c.app_ids << "test_app_id"
|
17
|
+
@c.path = "omniauth/users/"
|
18
|
+
@c.versioned_create
|
19
|
+
@u.client_authentication["test_app_id"] = "test_es"
|
20
|
+
@u.save
|
21
|
+
@ap_key = @c.api_key
|
22
|
+
@headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
|
23
|
+
end
|
24
|
+
##REFER TO AUTH/CONFIG/INITIALIZERS/OMNIAUTH.RB - for commented code on how the oauth works for android and the web app.
|
25
|
+
|
26
|
+
|
27
|
+
|
28
|
+
context " -- json requests -- " do
|
29
|
+
|
30
|
+
context " -- google_oauth2 test -- ", single: true do
|
31
|
+
|
32
|
+
|
33
|
+
it " -- handles invalid id_token -- " do
|
34
|
+
|
35
|
+
OmniAuth.config.test_mode = false
|
36
|
+
|
37
|
+
|
38
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
39
|
+
|
40
|
+
expect(JSON.parse(response.body)).to eql({"failure_message" => "Invalid credentials"})
|
41
|
+
end
|
42
|
+
|
43
|
+
|
44
|
+
it " -- handles invalid code -- " do
|
45
|
+
|
46
|
+
OmniAuth.config.test_mode = false
|
47
|
+
|
48
|
+
|
49
|
+
|
50
|
+
post google_oauth2_omniauth_callback_url(:code => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
51
|
+
|
52
|
+
expect(JSON.parse(response.body)).to eql({"failure_message" => "Invalid credentials"})
|
53
|
+
|
54
|
+
end
|
55
|
+
|
56
|
+
|
57
|
+
it " -- redirects to omniauth failure path on any error in omni concern. -- ", module_support: true do
|
58
|
+
|
59
|
+
OmniAuth.config.test_mode = false
|
60
|
+
|
61
|
+
google_oauth2_nil_hash
|
62
|
+
|
63
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
64
|
+
|
65
|
+
expect(response).to redirect_to(omniauth_failure_path("error"))
|
66
|
+
|
67
|
+
end
|
68
|
+
|
69
|
+
|
70
|
+
|
71
|
+
|
72
|
+
## NO RESOURCE TEST.
|
73
|
+
it " -- redirects to omniauth_failure_path and gives failure message of 'no resource' if no resource is specified in the omniauth_callback_request. " do
|
74
|
+
|
75
|
+
OmniAuth.config.test_mode = false
|
76
|
+
|
77
|
+
google_oauth2_verify_token_true_verify_hd_true
|
78
|
+
|
79
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => nil}.to_json),nil,@headers
|
80
|
+
|
81
|
+
expect(response).to redirect_to(omniauth_failure_path("no_resource"))
|
82
|
+
end
|
83
|
+
|
84
|
+
|
85
|
+
## CREATES NEW USER IF ID_TOKEN IS VALID.
|
86
|
+
it " -- creates new user if id_token is valid, and returns auth_token and es, because client is also correct. -- " do
|
87
|
+
##WE MODIFY THE VERFIY_ID_TOKEN FUNCTION TO RETURN A VALID ID TOKEN, AND ALSO
|
88
|
+
|
89
|
+
google_oauth2_verify_token_true_verify_hd_true
|
90
|
+
|
91
|
+
OmniAuth.config.test_mode = false
|
92
|
+
|
93
|
+
|
94
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
95
|
+
#puts response.body.to_s
|
96
|
+
##check that a user was created.
|
97
|
+
##check that identity was created.
|
98
|
+
|
99
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
100
|
+
expect(u).not_to be_nil
|
101
|
+
expect(u.identities).to eql([{"provider"=>"google_oauth2", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"mock_token", "token_expires_at" => 20000 }])
|
102
|
+
expect(JSON.parse(response.body).keys).to match_array(["authentication_token","es"])
|
103
|
+
|
104
|
+
end
|
105
|
+
|
106
|
+
|
107
|
+
## IT CANT FIND THE CLIENT PROVIDED, THEN SHOULD RETURN SHIT.
|
108
|
+
## TEST PASSES.
|
109
|
+
it " -- not able to find the client, it returns 401 unauthorized. -- " do
|
110
|
+
|
111
|
+
google_oauth2_verify_token_true_verify_hd_true
|
112
|
+
|
113
|
+
OmniAuth.config.test_mode = false
|
114
|
+
|
115
|
+
|
116
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => "asshole", :path => @c.path}.to_json),nil,@headers
|
117
|
+
|
118
|
+
expect(response.code).to eql("401")
|
119
|
+
expect(response.body).to eql("")
|
120
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
121
|
+
expect(u).to be_nil
|
122
|
+
end
|
123
|
+
|
124
|
+
|
125
|
+
it " -- responds with user credentials, and updates access_token and expires at, if a user with same email and identity already exists, and he tries to sign in with oauth, provided that the id_token is valid. -- ", :rotten => true do
|
126
|
+
|
127
|
+
@u1 = User.new(attributes_for(:user_confirmed))
|
128
|
+
@u1.email = "test@gmail.com"
|
129
|
+
|
130
|
+
@u1.client_authentication["test_app_id"] = "test_es"
|
131
|
+
access_token = "old_access_token"
|
132
|
+
token_expires_at = Time.now.to_i - 100000
|
133
|
+
@u1.identities = [Auth::Identity.new(:provider => 'google_oauth2', :uid => '12345', :access_token => "old_access_token", :token_expires_at => token_expires_at).attributes.except("_id")]
|
134
|
+
@u1.version = 1
|
135
|
+
@u1.save
|
136
|
+
|
137
|
+
|
138
|
+
google_oauth2_verify_token_true_verify_hd_true
|
139
|
+
|
140
|
+
OmniAuth.config.test_mode = false
|
141
|
+
|
142
|
+
|
143
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
144
|
+
|
145
|
+
#puts response.body.to_s
|
146
|
+
json_response = JSON.parse(response.body)
|
147
|
+
expect(json_response["authentication_token"]).to eql(@u1.authentication_token)
|
148
|
+
expect(json_response["es"]).to eql("test_es")
|
149
|
+
u = User.find(@u1.id)
|
150
|
+
expect(u.identities[0]["token_expires_at"]).to eql(20000)
|
151
|
+
expect(u.identities[0]["access_token"]).to eql("mock_token")
|
152
|
+
|
153
|
+
end
|
154
|
+
|
155
|
+
|
156
|
+
#################################################
|
157
|
+
##
|
158
|
+
##
|
159
|
+
##
|
160
|
+
## CODE TESTS.
|
161
|
+
##
|
162
|
+
##
|
163
|
+
##
|
164
|
+
#################################################
|
165
|
+
|
166
|
+
|
167
|
+
## CREATES NEW USER IF CODE IS VALID
|
168
|
+
|
169
|
+
it " -- creates new user if code is valid -- " do
|
170
|
+
## WE REOPEN AUTH_CODE
|
171
|
+
google_oauth2_verify_hd_true
|
172
|
+
google_oauth2_auth_code_get_token
|
173
|
+
|
174
|
+
OmniAuth.config.test_mode = false
|
175
|
+
|
176
|
+
post google_oauth2_omniauth_callback_url(:code => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
177
|
+
|
178
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
179
|
+
expect(u).not_to be_nil
|
180
|
+
expect(u.identities).to eql([{"provider"=>"google_oauth2", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" => "mock_token", "token_expires_at" => 20000}])
|
181
|
+
expect(JSON.parse(response.body).keys).to match_array(["authentication_token","es"])
|
182
|
+
|
183
|
+
end
|
184
|
+
|
185
|
+
it " -- responds with user credentials, if try to create oauth with user who already registered before with same email, updates access_token and token_expires_at -- " do
|
186
|
+
|
187
|
+
@u1 = User.new(attributes_for(:user_confirmed))
|
188
|
+
@u1.email = "test@gmail.com"
|
189
|
+
@u1.identities
|
190
|
+
@u1.client_authentication["test_app_id"] = "test_es"
|
191
|
+
access_token = "old_access_token"
|
192
|
+
token_expires_at = Time.now.to_i - 100000
|
193
|
+
@u1.identities = [Auth::Identity.new(:provider => 'google_oauth2', :uid => '12345', :access_token => "old_access_token", :token_expires_at => token_expires_at).attributes.except("_id")]
|
194
|
+
@u1.version = 1
|
195
|
+
@u1.save
|
196
|
+
|
197
|
+
google_oauth2_verify_hd_true
|
198
|
+
google_oauth2_auth_code_get_token
|
199
|
+
|
200
|
+
OmniAuth.config.test_mode = false
|
201
|
+
|
202
|
+
|
203
|
+
post google_oauth2_omniauth_callback_url(:code => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
204
|
+
|
205
|
+
#puts response.body.to_s
|
206
|
+
json_response = JSON.parse(response.body)
|
207
|
+
expect(json_response["authentication_token"]).to eql(@u1.authentication_token)
|
208
|
+
expect(json_response["es"]).to eql("test_es")
|
209
|
+
u = User.find(@u1.id)
|
210
|
+
expect(u.identities[0]["token_expires_at"]).to eql(20000)
|
211
|
+
expect(u.identities[0]["access_token"]).to eql("mock_token")
|
212
|
+
|
213
|
+
end
|
214
|
+
|
215
|
+
it " -- creates a client after , new user is created using oauth -- " do
|
216
|
+
|
217
|
+
## WE REOPEN AUTH_CODE
|
218
|
+
google_oauth2_verify_hd_true
|
219
|
+
google_oauth2_auth_code_get_token
|
220
|
+
|
221
|
+
OmniAuth.config.test_mode = false
|
222
|
+
|
223
|
+
post google_oauth2_omniauth_callback_url(:code => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
224
|
+
|
225
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
226
|
+
expect(u).not_to be_nil
|
227
|
+
|
228
|
+
client = Auth::Client.where(:resource_id => u.id)
|
229
|
+
expect(client).not_to be_nil
|
230
|
+
|
231
|
+
end
|
232
|
+
|
233
|
+
end
|
234
|
+
|
235
|
+
context " -- fb test -- ", single: true do
|
236
|
+
|
237
|
+
it " -- handles invalid exchange_token -- " do
|
238
|
+
|
239
|
+
OmniAuth.config.test_mode = false
|
240
|
+
|
241
|
+
post facebook_omniauth_callback_url(:fb_exchange_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
242
|
+
|
243
|
+
expect(JSON.parse(response.body)).to eql({"failure_message" => "Invalid credentials"})
|
244
|
+
end
|
245
|
+
|
246
|
+
it " -- creates a new user if the fb_exchange_token is valid, and returns auth_token and es -- " do
|
247
|
+
|
248
|
+
facebook_oauth2_verify_fb_ex_token
|
249
|
+
|
250
|
+
OmniAuth.config.test_mode = false
|
251
|
+
|
252
|
+
post facebook_omniauth_callback_url(:fb_exchange_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
253
|
+
|
254
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
255
|
+
expect(u).not_to be_nil
|
256
|
+
expect(u.identities).to eql([{"provider"=>"facebook", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"mock_token", "token_expires_at" => 20000 }])
|
257
|
+
expect(JSON.parse(response.body).keys).to match_array(["authentication_token","es"])
|
258
|
+
|
259
|
+
end
|
260
|
+
|
261
|
+
it " -- redirects to omniauth failure path on any error in omni concern. -- " do
|
262
|
+
|
263
|
+
OmniAuth.config.test_mode = false
|
264
|
+
|
265
|
+
facebook_oauth2_nil_hash
|
266
|
+
|
267
|
+
post facebook_omniauth_callback_url(:fb_exchange_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
268
|
+
|
269
|
+
expect(response).to redirect_to(omniauth_failure_path("error"))
|
270
|
+
|
271
|
+
end
|
272
|
+
|
273
|
+
## NO RESOURCE TEST.
|
274
|
+
it " -- redirects to omniauth_failure_path and gives failure message of 'no resource' if no resource is specified in the omniauth_callback_request. " do
|
275
|
+
|
276
|
+
OmniAuth.config.test_mode = false
|
277
|
+
|
278
|
+
facebook_oauth2_verify_fb_ex_token
|
279
|
+
|
280
|
+
post facebook_omniauth_callback_url(:fb_exchange_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => nil}.to_json),nil,@headers
|
281
|
+
|
282
|
+
expect(response).to redirect_to(omniauth_failure_path("no_resource"))
|
283
|
+
end
|
284
|
+
|
285
|
+
end
|
286
|
+
|
287
|
+
end
|
288
|
+
|
289
|
+
end
|
290
|
+
|
291
|
+
context " -- multi provider tests -- ", :multi_pr => true do
|
292
|
+
|
293
|
+
before(:all) do
|
294
|
+
|
295
|
+
User.delete_all
|
296
|
+
Auth::Client.delete_all
|
297
|
+
@u = User.new(attributes_for(:user_confirmed))
|
298
|
+
@u.save
|
299
|
+
@c = Auth::Client.new(:resource_id => @u.id, :api_key => "test")
|
300
|
+
@c.redirect_urls = ["http://www.google.com"]
|
301
|
+
@c.app_ids << "test_app_id"
|
302
|
+
@c.path = "omniauth/users/"
|
303
|
+
@c.versioned_create
|
304
|
+
@u.client_authentication["test_app_id"] = "test_es"
|
305
|
+
@u.save
|
306
|
+
|
307
|
+
Auth.configuration.prevent_oauth_merger = false
|
308
|
+
|
309
|
+
@ap_key = @c.api_key
|
310
|
+
@headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
|
311
|
+
end
|
312
|
+
|
313
|
+
###
|
314
|
+
## THESE TESTS MUST BE RUN IN SEQUENCE, THEY ARE RELATED.
|
315
|
+
###
|
316
|
+
|
317
|
+
it " -- creates google_oauth2 user -- " do
|
318
|
+
|
319
|
+
OmniAuth.config.test_mode = false
|
320
|
+
|
321
|
+
google_oauth2_verify_token_true_verify_hd_true
|
322
|
+
|
323
|
+
# existing_user_with_email = User.where(:email => "rrphotosoft@gmail.com").first
|
324
|
+
|
325
|
+
# puts "existing user with email is in google:"
|
326
|
+
# puts existing_user_with_email.attributes.to_s
|
327
|
+
|
328
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
329
|
+
|
330
|
+
end
|
331
|
+
|
332
|
+
it " -- creates facebook user with the same email -- ", :rocko => true do
|
333
|
+
|
334
|
+
|
335
|
+
|
336
|
+
facebook_oauth2_verify_fb_ex_token
|
337
|
+
|
338
|
+
OmniAuth.config.test_mode = false
|
339
|
+
|
340
|
+
|
341
|
+
|
342
|
+
post facebook_omniauth_callback_url(:fb_exchange_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
343
|
+
|
344
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
345
|
+
|
346
|
+
|
347
|
+
|
348
|
+
expect(u).not_to be_nil
|
349
|
+
expect(u.identities.include?({"provider"=>"facebook", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"mock_token", "token_expires_at" => 20000 })).to be_truthy
|
350
|
+
expect(u.identities.include?({"provider"=>"google_oauth2", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"mock_token", "token_expires_at" => 20000 })).to be_truthy
|
351
|
+
end
|
352
|
+
|
353
|
+
it " -- can sign in subsequently with google, updating access_token and es. -- " do
|
354
|
+
|
355
|
+
google_oauth2_verify_token_true_verify_hd_true
|
356
|
+
|
357
|
+
OmniauthMacros::MOCK_TOKEN = 'new_mock_token'
|
358
|
+
OmniauthMacros::EXPIRES_AT = 40000
|
359
|
+
|
360
|
+
OmniAuth.config.test_mode = false
|
361
|
+
|
362
|
+
|
363
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
364
|
+
|
365
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
366
|
+
|
367
|
+
|
368
|
+
expect(u.identities.include?({"provider"=>"google_oauth2", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"new_mock_token", "token_expires_at" => 40000 })).to be_truthy
|
369
|
+
|
370
|
+
end
|
371
|
+
|
372
|
+
it " -- can sign in subsequently with facebook, updating access_token and es. -- " do
|
373
|
+
|
374
|
+
facebook_oauth2_verify_fb_ex_token
|
375
|
+
|
376
|
+
OmniAuth.config.test_mode = false
|
377
|
+
OmniauthMacros::MOCK_TOKEN = 'new_mock_token'
|
378
|
+
OmniauthMacros::EXPIRES_AT = 40000
|
379
|
+
|
380
|
+
post facebook_omniauth_callback_url(:fb_exchange_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
381
|
+
|
382
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
383
|
+
|
384
|
+
|
385
|
+
expect(u.identities.include?({"provider"=>"facebook", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"new_mock_token", "token_expires_at" => 40000 })).to be_truthy
|
386
|
+
|
387
|
+
end
|
388
|
+
|
389
|
+
end
|
390
|
+
|
391
|
+
context " -- confirmed_at tests --- " do
|
392
|
+
|
393
|
+
context " -- repeated oauth sign in , does not update confirmed_at -- " do
|
394
|
+
|
395
|
+
before(:all) do
|
396
|
+
Auth.configuration.prevent_oauth_merger = false
|
397
|
+
User.delete_all
|
398
|
+
Auth::Client.delete_all
|
399
|
+
@u = User.new(attributes_for(:user_confirmed))
|
400
|
+
@u.save
|
401
|
+
@c = Auth::Client.new(:resource_id => @u.id, :api_key => "test")
|
402
|
+
@c.redirect_urls = ["http://www.google.com"]
|
403
|
+
@c.app_ids << "test_app_id"
|
404
|
+
@c.path = "omniauth/users/"
|
405
|
+
@c.versioned_create
|
406
|
+
@u.client_authentication["test_app_id"] = "test_es"
|
407
|
+
@u.save
|
408
|
+
@ap_key = @c.api_key
|
409
|
+
@headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
|
410
|
+
@confirmed_at_times = []
|
411
|
+
end
|
412
|
+
|
413
|
+
it " -- first create user with google_oauth2 -- " do
|
414
|
+
OmniAuth.config.test_mode = false
|
415
|
+
|
416
|
+
google_oauth2_verify_token_true_verify_hd_true
|
417
|
+
|
418
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
419
|
+
|
420
|
+
user_created = User.where(:email => "rrphotosoft@gmail.com").first
|
421
|
+
@confirmed_at_times << user_created.confirmed_at
|
422
|
+
|
423
|
+
end
|
424
|
+
|
425
|
+
it " -- now sign in again, confirmed_at should not change -- " do
|
426
|
+
sleep(4)
|
427
|
+
OmniAuth.config.test_mode = false
|
428
|
+
|
429
|
+
google_oauth2_verify_token_true_verify_hd_true
|
430
|
+
|
431
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
432
|
+
user_signed_in = User.where(:email => "rrphotosoft@gmail.com").first
|
433
|
+
|
434
|
+
@confirmed_at_times << user_signed_in.confirmed_at
|
435
|
+
expect(@confirmed_at_times.uniq.size).to eql(1)
|
436
|
+
end
|
437
|
+
end
|
438
|
+
|
439
|
+
|
440
|
+
context " -- sign in with different identities, does not update confirmed_at -- " do
|
441
|
+
|
442
|
+
before(:all) do
|
443
|
+
Auth.configuration.prevent_oauth_merger = false
|
444
|
+
User.delete_all
|
445
|
+
Auth::Client.delete_all
|
446
|
+
@u = User.new(attributes_for(:user_confirmed))
|
447
|
+
@u.save
|
448
|
+
@c = Auth::Client.new(:resource_id => @u.id, :api_key => "test")
|
449
|
+
@c.redirect_urls = ["http://www.google.com"]
|
450
|
+
@c.app_ids << "test_app_id"
|
451
|
+
@c.path = "omniauth/users/"
|
452
|
+
@c.versioned_create
|
453
|
+
@u.client_authentication["test_app_id"] = "test_es"
|
454
|
+
@u.save
|
455
|
+
@ap_key = @c.api_key
|
456
|
+
@headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
|
457
|
+
@confirmed_at_times = []
|
458
|
+
end
|
459
|
+
|
460
|
+
it " -- first create user with google_oauth2 -- " do
|
461
|
+
OmniAuth.config.test_mode = false
|
462
|
+
|
463
|
+
google_oauth2_verify_token_true_verify_hd_true
|
464
|
+
|
465
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
466
|
+
|
467
|
+
user_created = User.where(:email => "rrphotosoft@gmail.com").first
|
468
|
+
@confirmed_at_times << user_created.confirmed_at
|
469
|
+
|
470
|
+
end
|
471
|
+
|
472
|
+
it " -- subsequently signs in with facebook identity --- " do
|
473
|
+
sleep(5)
|
474
|
+
facebook_oauth2_verify_fb_ex_token
|
475
|
+
|
476
|
+
OmniAuth.config.test_mode = false
|
477
|
+
|
478
|
+
existing_user_with_email = User.where(:email => "rrphotosoft@gmail.com").first
|
479
|
+
|
480
|
+
|
481
|
+
post facebook_omniauth_callback_url(:fb_exchange_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
482
|
+
|
483
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
484
|
+
@confirmed_at_times << u.confirmed_at
|
485
|
+
expect(@confirmed_at_times.uniq.size).to eql(1)
|
486
|
+
|
487
|
+
end
|
488
|
+
|
489
|
+
|
490
|
+
end
|
491
|
+
|
492
|
+
end
|
493
|
+
|
494
|
+
context " -- does not allow email update , after signing up with oauth ", change_password_after_oauth: true do
|
495
|
+
|
496
|
+
before(:all) do
|
497
|
+
Auth.configuration.prevent_oauth_merger = false
|
498
|
+
User.delete_all
|
499
|
+
Auth::Client.delete_all
|
500
|
+
@u = User.new(attributes_for(:user_confirmed))
|
501
|
+
@u.save
|
502
|
+
@c = Auth::Client.new(:resource_id => @u.id, :api_key => "test")
|
503
|
+
@c.redirect_urls = ["http://www.google.com"]
|
504
|
+
@c.app_ids << "test_app_id"
|
505
|
+
@c.path = "omniauth/users/"
|
506
|
+
@c.versioned_create
|
507
|
+
@u.client_authentication["test_app_id"] = "test_es"
|
508
|
+
@u.save
|
509
|
+
@ap_key = @c.api_key
|
510
|
+
@headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
|
511
|
+
@confirmed_at_times = []
|
512
|
+
ActionMailer::Base.deliveries = []
|
513
|
+
end
|
514
|
+
|
515
|
+
##TESTS MUST BE RUN IN SEQUENCE
|
516
|
+
it " -- signs up with google oauth 2 " do
|
517
|
+
OmniAuth.config.test_mode = false
|
518
|
+
|
519
|
+
google_oauth2_verify_token_true_verify_hd_true
|
520
|
+
|
521
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
522
|
+
end
|
523
|
+
|
524
|
+
it " -- does not process forgot password instructions -- " do
|
525
|
+
u = User.order_by(:confirmed_at => "desc").first
|
526
|
+
post user_password_path,{user: {email: u.email}}
|
527
|
+
expect(ActionMailer::Base.deliveries).to be_empty
|
528
|
+
|
529
|
+
end
|
530
|
+
|
531
|
+
it " -- does not allow email update -- " do
|
532
|
+
## because this will need the password.
|
533
|
+
## so we just ensured in the previous test, that he cannot change his password.
|
534
|
+
end
|
535
|
+
|
536
|
+
end
|
537
|
+
|
538
|
+
context " -- user signs up with email address -- ", :confirm_lafda => true do
|
539
|
+
|
540
|
+
|
541
|
+
|
542
|
+
context " -- confirms it -- " do
|
543
|
+
|
544
|
+
before(:example) do
|
545
|
+
Auth.configuration.prevent_oauth_merger = false
|
546
|
+
User.delete_all
|
547
|
+
Auth::Client.delete_all
|
548
|
+
@u = User.new(attributes_for(:user_confirmed))
|
549
|
+
## ensure email is set to rrphotosoft so that it
|
550
|
+
@u.email = "rrphotosoft@gmail.com"
|
551
|
+
@u.save
|
552
|
+
@c = Auth::Client.new(:resource_id => @u.id, :api_key => "test")
|
553
|
+
@c.redirect_urls = ["http://www.google.com"]
|
554
|
+
@c.app_ids << "test_app_id"
|
555
|
+
@c.path = "omniauth/users/"
|
556
|
+
@c.versioned_create
|
557
|
+
@u.client_authentication["test_app_id"] = "test_es"
|
558
|
+
@u.save
|
559
|
+
@ap_key = @c.api_key
|
560
|
+
@headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
|
561
|
+
#@confirmed_at_times = []
|
562
|
+
#ActionMailer::Base.deliveries = []
|
563
|
+
end
|
564
|
+
|
565
|
+
it " -- on signing up with oauth of the same email, error message says account is already in use. -- " do
|
566
|
+
|
567
|
+
OmniAuth.config.test_mode = false
|
568
|
+
|
569
|
+
google_oauth2_verify_token_true_verify_hd_true
|
570
|
+
|
571
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
572
|
+
|
573
|
+
|
574
|
+
response_body = JSON.parse(response.body)
|
575
|
+
expect(response_body["errors"]).to eq("That email is in use by another account")
|
576
|
+
expect(response.code).to eq("500")
|
577
|
+
|
578
|
+
end
|
579
|
+
|
580
|
+
end
|
581
|
+
|
582
|
+
end
|
583
|
+
|
584
|
+
context " -- prevent oauth merger is set to true -- " do
|
585
|
+
before(:all) do
|
586
|
+
|
587
|
+
User.delete_all
|
588
|
+
Auth::Client.delete_all
|
589
|
+
@u = User.new(attributes_for(:user_confirmed))
|
590
|
+
@u.save
|
591
|
+
@c = Auth::Client.new(:resource_id => @u.id, :api_key => "test")
|
592
|
+
@c.redirect_urls = ["http://www.google.com"]
|
593
|
+
@c.app_ids << "test_app_id"
|
594
|
+
@c.path = "omniauth/users/"
|
595
|
+
@c.versioned_create
|
596
|
+
@u.client_authentication["test_app_id"] = "test_es"
|
597
|
+
@u.save
|
598
|
+
|
599
|
+
Auth.configuration.prevent_oauth_merger = true
|
600
|
+
|
601
|
+
@ap_key = @c.api_key
|
602
|
+
@headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
|
603
|
+
end
|
604
|
+
|
605
|
+
###
|
606
|
+
## THESE TESTS MUST BE RUN IN SEQUENCE, THEY ARE RELATED.
|
607
|
+
###
|
608
|
+
|
609
|
+
it " -- creates google_oauth2 user -- " do
|
610
|
+
|
611
|
+
OmniAuth.config.test_mode = false
|
612
|
+
|
613
|
+
google_oauth2_verify_token_true_verify_hd_true
|
614
|
+
|
615
|
+
# existing_user_with_email = User.where(:email => "rrphotosoft@gmail.com").first
|
616
|
+
|
617
|
+
# puts "existing user with email is in google:"
|
618
|
+
# puts existing_user_with_email.attributes.to_s
|
619
|
+
|
620
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
621
|
+
|
622
|
+
end
|
623
|
+
|
624
|
+
it " -- creates facebook user with the same email -- ", :rocko => true do
|
625
|
+
|
626
|
+
|
627
|
+
|
628
|
+
facebook_oauth2_verify_fb_ex_token
|
629
|
+
|
630
|
+
OmniAuth.config.test_mode = false
|
631
|
+
|
632
|
+
|
633
|
+
|
634
|
+
post facebook_omniauth_callback_url(:fb_exchange_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
635
|
+
|
636
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
637
|
+
|
638
|
+
|
639
|
+
|
640
|
+
expect(u).not_to be_nil
|
641
|
+
expect(u.identities.include?({"provider"=>"facebook", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"mock_token", "token_expires_at" => 20000 })).not_to be_truthy
|
642
|
+
expect(u.identities.include?({"provider"=>"google_oauth2", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"mock_token", "token_expires_at" => 20000 })).to be_truthy
|
643
|
+
end
|
644
|
+
|
645
|
+
it " -- can sign in subsequently with google, updating access_token and es. -- " do
|
646
|
+
|
647
|
+
google_oauth2_verify_token_true_verify_hd_true
|
648
|
+
|
649
|
+
OmniauthMacros::MOCK_TOKEN = 'new_mock_token'
|
650
|
+
OmniauthMacros::EXPIRES_AT = 40000
|
651
|
+
|
652
|
+
OmniAuth.config.test_mode = false
|
653
|
+
|
654
|
+
|
655
|
+
post google_oauth2_omniauth_callback_url(:id_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
656
|
+
|
657
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
658
|
+
|
659
|
+
|
660
|
+
expect(u.identities.include?({"provider"=>"google_oauth2", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"new_mock_token", "token_expires_at" => 40000 })).to be_truthy
|
661
|
+
|
662
|
+
end
|
663
|
+
|
664
|
+
it " -- can sign in subsequently with facebook, updating access_token and es. -- " do
|
665
|
+
|
666
|
+
facebook_oauth2_verify_fb_ex_token
|
667
|
+
|
668
|
+
OmniAuth.config.test_mode = false
|
669
|
+
OmniauthMacros::MOCK_TOKEN = 'new_mock_token'
|
670
|
+
OmniauthMacros::EXPIRES_AT = 40000
|
671
|
+
|
672
|
+
post facebook_omniauth_callback_url(:fb_exchange_token => "rupert", :state => {:api_key => @c.api_key, :current_app_id => @c.app_ids[0], :path => @c.path}.to_json),nil,@headers
|
673
|
+
|
674
|
+
u = User.where(:email => "rrphotosoft@gmail.com").first
|
675
|
+
|
676
|
+
|
677
|
+
expect(u.identities.include?({"provider"=>"facebook", "uid"=>"12345", "email"=>"rrphotosoft@gmail.com", "access_token" =>"new_mock_token", "token_expires_at" => 40000 })).not_to be_truthy
|
678
|
+
|
679
|
+
end
|
680
|
+
end
|
681
|
+
|
682
|
+
end
|