RubyGems - wordjelly-auth - Versions diffs - 1.4.0 → 1.4.2 - Mend

wordjelly-auth 1.4.0 → 1.4.2

Files changed (171) hide show

data/spec/requests/user/session_request_spec.rb CHANGED

@@ -8,8 +8,6 @@ now in all the tests, we sign in this user only, using its own client. normally
 RSpec.describe "session request spec",:session => true,:authentication => true, :type => :request do
 	context " -- web app requests" do
 		before(:example) do
@@ -33,7 +31,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			it " -- GET Request,should set the session variables " do
-				get new_user_session_path,{redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
+				get new_user_session_path, params: {redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
 				expect(session[:client]).not_to be_nil
 				expect(session[:redirect_url]).not_to be_nil
@@ -42,7 +40,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			it " -- CREATE request, should redirect with the auth_token and es " do
-				post user_session_path,{user: {login: @u.email, password: "password"},redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
+				post user_session_path, params: {user: {login: @u.email, password: "password"},redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
 				user = assigns(:user)
 				expect(response.code).to eq("302")
 				expect(response).to redirect_to("http://www.google.com?authentication_token=#{user.authentication_token}&es=#{user.client_authentication[@c.app_ids[0]]}")
@@ -54,7 +52,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			it " -- DESTROY Request, should not redirect. " do
 				sign_in_as_a_valid_and_confirmed_user
-				delete destroy_user_session_path,{:id => @user.id, redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
+				delete destroy_user_session_path, params: {:id => @user.id, redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
 				expect(response.code).to eq("302")
 				expect(response).to redirect_to(root_path)
 				expect(@user.errors.full_messages).to be_empty
@@ -67,7 +65,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			it " -- yields new session" do
-				get new_user_session_path,{api_key: "dog", redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
+				get new_user_session_path, params: {api_key: "dog", redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
 				res = assigns(:user)
 				expect(response.code).to eq("200")
 				expect(session[:client]).to be_nil
@@ -79,7 +77,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			end
 			it " -- create session successfully,but does not redirect" do
-				post user_session_path, {user: {login: @u.email, password: "password"}, api_key:"dog", redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
+				post user_session_path, params: {user: {login: @u.email, password: "password"}, api_key:"dog", redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
 				res = assigns(:user)
 				expect(session[:client]).to be_nil
 				expect(session[:redirect_url]).to be_nil
@@ -91,7 +89,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			it " -- destory session loads" do
 				sign_in_as_a_valid_and_confirmed_user
-				delete destroy_user_session_path,{:id => @user.id, api_key:"dog", redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
+				delete destroy_user_session_path, params: {:id => @user.id, api_key:"dog", redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
 				res = assigns(:user)
 				expect(session[:client]).to be_nil
 				expect(session[:redirect_url]).to be_nil
@@ -108,7 +106,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			it " -- yields new session" do
-				get new_user_session_path,{ redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
+				get new_user_session_path, params: { redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
 				res = assigns(:user)
 				expect(response.code).to eq("200")
 				expect(session[:client]).to be_nil
@@ -119,7 +117,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			end
 			it " -- create session successfully, but does not redirect" do
-				post new_user_session_path, {user: attributes_for(:user),  redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
+				post new_user_session_path, params: {user: attributes_for(:user),  redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
 				res = assigns(:user)
 				expect(response.code).to eq("200")
 				expect(session[:client]).to be_nil
@@ -130,7 +128,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			it " -- destory session loads" do
 				sign_in_as_a_valid_and_confirmed_user
-				delete destroy_user_session_path,{:id => @user.id,  redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
+				delete destroy_user_session_path, params: {:id => @user.id,  redirect_url:"http://www.google.com", current_app_id: @c.app_ids[0]}
 				expect(session[:client]).to be_nil
 				expect(session[:redirect_url]).to be_nil
 				expect(response.code).to eq("302")
@@ -153,7 +151,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			end
 			it " -- create session successfully, but does not redirect" do
-				post new_user_session_path, {user: attributes_for(:user)}
+				post new_user_session_path, params: {user: attributes_for(:user)}
 				res = assigns(:user)
 				expect(response.code).to eq("200")
 				expect(res).not_to be_nil
@@ -162,7 +160,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			it " -- destory session loads" do
 				sign_in_as_a_valid_and_confirmed_user
-				delete destroy_user_session_path,{:id => @user.id}
+				delete destroy_user_session_path, params: {:id => @user.id}
 				expect(response.code).to eq("302")
 			end
@@ -170,6 +168,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 	end
 	context " -- json requests " do
 		before(:example) do
@@ -187,8 +186,8 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 		end
 		after(:example) do
-			session.delete(:client)
-			session.delete(:redirect_url)
+			#session.delete(:client)
+			#session.delete(:redirect_url)
 		end
 		before(:each) do
@@ -199,19 +198,19 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 		context " -- no api key" do
 			it " -- new session returns not authenticated" do
-				get new_user_session_path,nil,@headers
+				get new_user_session_path,params: nil,headers: @headers
         		expect(response.code).to eq("406")
 			end
 			it " -- create session retursn not authenticated" do
-				post new_user_session_path, {user: attributes_for(:user)}.to_json, @headers
+				post new_user_session_path, params: {user: attributes_for(:user)}.to_json, headers: @headers
         		expect(response.code).to eq("401")
 			end
 			it " -- destroy session returns not authenticated" do
 				a = {:id => @u.id}
-		        delete destroy_user_session_path, a.to_json, @headers
+		        delete destroy_user_session_path,params: a.to_json,headers: @headers
 		        expect(response.code).to eq("406")
 			end
@@ -220,20 +219,20 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 		context " -- invalid api key " do
 			it " -- new session returns not authenticated" do
-				get new_user_registration_path,nil,@headers
+				get new_user_registration_path,params: nil,headers: @headers
         		expect(response.code).to eq("401")
 			end
 			it " -- create session retursn not authenticated" do
-				post new_user_session_path, {user: attributes_for(:user)}.to_json, @headers
+				post new_user_session_path, params: {user: attributes_for(:user)}.to_json, headers: @headers
         		expect(response.code).to eq("401")
 			end
 			it " -- destroy session returns not authenticated" do
 				a = {:id => @u.id}
-		        delete destroy_user_session_path, a.to_json, @headers
+		        delete destroy_user_session_path, params: a.to_json, headers: @headers
 		        expect(response.code).to eq("406")
 			end
@@ -243,7 +242,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 			it " -- returns 406 when calling GET" do
-				get new_user_session_path, {api_key: @ap_key, current_app_id: @c.app_ids[0]}, @headers
+				get new_user_session_path, params: {api_key: @ap_key, current_app_id: @c.app_ids[0]}, headers: @headers
 				expect(response.code).to eq("406")
 			end
@@ -253,7 +252,7 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 				params = {user: {login: @u.email, password: "password"}, api_key: @ap_key, current_app_id: @c.app_ids[0]}
-				post user_session_path, params.to_json, @headers
+				post user_session_path, params: params.to_json, headers: @headers
         		expect(response.code).to eq("201")
         		user_hash = JSON.parse(response.body)
         		expect(user_hash.keys).to match_array(["authentication_token","es"])
@@ -264,14 +263,14 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 				params = {user: {login: @u.email, password: "wrong_password"}, api_key: @ap_key, current_app_id: @c.app_ids[0]}
-				post user_session_path, params.to_json, @headers
+				post user_session_path, params: params.to_json, headers: @headers
         		expect(response.code).to eq("401")
 			end
 			it " -- returns 406 when calling DESTROY" do
 				a = {:id => @u.id, :api_key => @ap_key, current_app_id: @c.app_ids[0]}
-		        delete destroy_user_session_path, a.to_json, @headers
+		        delete destroy_user_session_path, params: a.to_json, headers: @headers
 		        expect(response.code).to eq("406")
 			end
@@ -310,13 +309,13 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 		it " -- signs in user using first client -- " do
 			params = {user: {login: @u.email, password: "password"}, api_key: @ap_key, current_app_id: @c.app_ids[0]}
-			post user_session_path, params
+			post user_session_path, params: params
 		end
 		it "-- signs in user using second client -- " do
 			params = {user: {login: @u.email, password: "password"}, api_key: @ap_key2, current_app_id: @c2.app_ids[0]}
-			post new_user_session_path, params
+			post new_user_session_path, params: params
 			@signed_in_user = assigns(:user)
 			expect(@signed_in_user.client_authentication[@c.app_ids[0]]).not_to be_nil
 			expect(@signed_in_user.client_authentication[@c2.app_ids[0]]).not_to be_nil
@@ -344,12 +343,12 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 	    it " -- signs in user with first app id -- " do
 	    	params = {user: {login: @u.email, password: "password"}, api_key: @ap_key, current_app_id: @c.app_ids[0]}
-			post new_user_session_path, params
+			post new_user_session_path, params: params
 	    end
 	    it " -- signs in user with second app id -- " do
 	    	params = {user: {login: @u.email, password: "password"}, api_key: @ap_key, current_app_id: @c.app_ids[1]}
-			post new_user_session_path, params
+			post new_user_session_path, params: params
 	    	@signed_in_user = assigns(:user)
 			expect(@signed_in_user.client_authentication[@c.app_ids[0]]).not_to be_nil
 			expect(@signed_in_user.client_authentication[@c.app_ids[1]]).not_to be_nil
@@ -357,5 +356,4 @@ RSpec.describe "session request spec",:session => true,:authentication => true,
 	end
 end

data/spec/requests/user/token_request_spec.rb CHANGED

@@ -4,108 +4,81 @@ RSpec.describe "token request spec", :type => :request, token: true do
 	before(:all) do
-                ActionController::Base.allow_forgery_protection = true
-                User.delete_all
-                Auth::Client.delete_all
-                Auth.configuration.token_regeneration_time = 1.day
-                @u = User.new(attributes_for(:user_confirmed))
-                @u.save
-                @c = Auth::Client.new(:resource_id => @u.id, :api_key => "test")
-                @c.redirect_urls = ["http://www.google.com"]
-                @c.app_ids << "testappid"
-                @c.versioned_create
-                @u.client_authentication["testappid"] = "testes"
-                @u.save
-                @ap_key = @c.api_key
-                @headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json", "X-User-Token" => @u.authentication_token, "X-User-Es" => @u.client_authentication["testappid"], "X-User-Aid" => @c.app_ids[0]}
-                @admin = User.new(attributes_for(:user_confirmed))
-                @admin.admin = true
-                @admin.client_authentication["testappid"] = "testestoken2"
-                resp = @admin.save
-                #puts "Result of saving admin:"
-                #puts resp.to_s
-                @admin_headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json", "X-User-Token" => @admin.authentication_token, "X-User-Es" => @admin.client_authentication["testappid"], "X-User-Aid" => "testappid"}
+        ActionController::Base.allow_forgery_protection = true
+        User.delete_all
+        Auth::Client.delete_all
+        Auth.configuration.token_regeneration_time = 1.day
+        @u = User.new(attributes_for(:user_confirmed))
+        @u.save
+        @c = Auth::Client.new(:resource_id => @u.id, :api_key => "test")
+        @c.redirect_urls = ["http://www.google.com"]
+        @c.app_ids << "testappid"
+        @c.versioned_create
+        @u.client_authentication["testappid"] = "testes"
+        @u.save
+        @ap_key = @c.api_key
+        @headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json", "X-User-Token" => @u.authentication_token, "X-User-Es" => @u.client_authentication["testappid"], "X-User-Aid" => @c.app_ids[0]}
+        @admin = User.new(attributes_for(:user_confirmed))
+        @admin.admin = true
+        @admin.client_authentication["testappid"] = "testestoken2"
+        resp = @admin.save
+        @admin_headers = { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json", "X-User-Token" => @admin.authentication_token, "X-User-Es" => @admin.client_authentication["testappid"], "X-User-Aid" => "testappid"}
     end
-        context "-- API JSON token authentication tests " do
-                it " -- will authenticate provided the api key and app id in the body -- " do
-                    get new_topic_path, {:api_key => @ap_key, :current_app_id => "testappid"}, @headers
-                    expect(response.code).to eq("200")
-                end
-                it " - will not authenticate without the app id and api key. ", :topic_focus => true do
-                        get new_topic_path, nil, @headers
-                        expect(response.code).to eq("401")
-                end
-                it " - does not authenticate without es", :defocus => true do
-                        get new_topic_path, nil, { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json", "X-User-Token" => @u.authentication_token, "X-User-Aid" => @c.app_ids[0]}
-                        expect(response.code).to eq("401")
-                end
-                it " - does not authenticate without app id", :focus => true do
-                        get new_topic_path, nil, { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json", "X-User-Token" => @u.authentication_token, "X-User-Es" => @u.client_authentication["testappid"]}
-                        expect(response.code).to eq("401")
-                end
-        end
-        context " -- token regeneration -- " do
+    context "-- API JSON token authentication tests " do
+            it " -- will authenticate provided the api key and app id in the body -- " do
+                get new_topic_path, params: {:api_key => @ap_key, :current_app_id => "testappid"}, headers: @headers
+                expect(response.code).to eq("200")
+            end
-            it " -- yields changed token on sign in -- ", :ctoken => true do
-                u = User.new(attributes_for(:user_confirmed))
-                expect(u.save).to be_truthy
-                initial_auth_token = u.authentication_token
-                puts "initial authentication token is:"
-                puts initial_auth_token.to_s
-                params = {user: {login: @u.email, password: "password"}, api_key: @ap_key, current_app_id: @c.app_ids[0]}
-                ## from where do you expect this authentication token to come ?
-                ## it has to be called on sign in.
-                post user_session_path, params.to_json, { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
+            it " - will not authenticate without the app id and api key. ", :topic_focus => true do
+                get new_topic_path, params: nil, headers: @headers
+                expect(response.code).to eq("401")
+            end
-                expect(response.code).to eq("201")
+            it " - does not authenticate without es", :defocus => true do
+                get new_topic_path, params: nil, headers: { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json", "X-User-Token" => @u.authentication_token, "X-User-Aid" => @c.app_ids[0]}
+                expect(response.code).to eq("401")
+            end
-                user_hash = JSON.parse(response.body)
-                expect(user_hash.keys).to match_array(["authentication_token","es"])
-                expect(user_hash["authentication_token"]).not_to eq(initial_auth_token)
+            it " - does not authenticate without app id", :focus => true do
+                get new_topic_path, params: nil, headers: { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json", "X-User-Token" => @u.authentication_token, "X-User-Es" => @u.client_authentication["testappid"]}
+                expect(response.code).to eq("401")
             end
-            it " -- fails to sign in past expiration -- " do
+    end
-            end
-            it " -- yields changed token on user email update -- " do
+    context " -- token regeneration -- " do
-            end
-            it " -- yields changed token on user password update -- " do
+        it " -- yields changed token on sign in -- ", :ctoken => true do
-            end
+            u = User.new(attributes_for(:user_confirmed))
+            expect(u.save).to be_truthy
+            initial_auth_token = u.authentication_token
+            puts "initial authentication token is:"
+            puts initial_auth_token.to_s
+            params = {user: {login: @u.email, password: "password"}, api_key: @ap_key, current_app_id: @c.app_ids[0]}
+            ## from where do you expect this authentication token to come ?
+            ## it has to be called on sign in.
+            post user_session_path, params: params.to_json, headers: { "CONTENT_TYPE" => "application/json" , "ACCEPT" => "application/json"}
+            expect(response.code).to eq("201")
+            user_hash = JSON.parse(response.body)
+            expect(user_hash.keys).to match_array(["authentication_token","es"])
+            expect(user_hash["authentication_token"]).not_to eq(initial_auth_token)
         end
+    end
 end

data/spec/requests/user/unlock_request_spec.rb CHANGED

@@ -50,7 +50,7 @@ RSpec.describe "unlock request spec", :type => :request,:authentication => true,
 			it " -- create -- " do
 				prev_msg_count = ActionMailer::Base.deliveries.size
-				post user_unlock_path,{user:{email: @u.email}}
+				post user_unlock_path,params: {user:{email: @u.email}}
 				expect(response.code).to eq("302")
 				message = ActionMailer::Base.deliveries[-1].to_s
     			token = nil
@@ -80,7 +80,7 @@ RSpec.describe "unlock request spec", :type => :request,:authentication => true,
       				token = j[:unlock_token]
       			end
-    			get user_unlock_path,{unlock_token: token}
+    			get user_unlock_path,params: {unlock_token: token}
     			expect(response.code).to eql("302")
     			@u.reload
     			expect(@u.access_locked?).not_to be_truthy
@@ -94,7 +94,7 @@ RSpec.describe "unlock request spec", :type => :request,:authentication => true,
 		context " -- valid api key + redirect_url -- " do
 			it " -- new should not redirect" do
-				get new_user_unlock_path, {redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
+				get new_user_unlock_path, params: {redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
 				expect(session[:client]).not_to be_nil
 				expect(session[:redirect_url]).not_to be_nil
 				expect(response.code).to eq("200")
@@ -102,7 +102,7 @@ RSpec.describe "unlock request spec", :type => :request,:authentication => true,
 			it " -- create should not redirect" do
 				prev_msg_count = ActionMailer::Base.deliveries.size
-				post user_unlock_path,{user:{email: @u.email},redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
+				post user_unlock_path, params: {user:{email: @u.email},redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
 				expect(session[:client]).not_to be_nil
 				expect(session[:redirect_url]).not_to be_nil
 				expect(response.code).to eq("302")
@@ -133,7 +133,7 @@ RSpec.describe "unlock request spec", :type => :request,:authentication => true,
       				token = j[:unlock_token]
       			end
-    			get user_unlock_path,{unlock_token: token,redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
+    			get user_unlock_path,params: {unlock_token: token,redirect_url: "http://www.google.com", api_key: @ap_key, current_app_id: @c.app_ids[0]}
     			expect(session[:client]).not_to be_nil
 				expect(session[:redirect_url]).not_to be_nil
@@ -157,7 +157,7 @@ RSpec.describe "unlock request spec", :type => :request,:authentication => true,
 			it " -- new -- " do
-				get new_user_unlock_path,{api_key: @ap_key, current_app_id: @c.app_ids[0]}.to_json,@headers
+				get new_user_unlock_path,params: {api_key: @ap_key, current_app_id: @c.app_ids[0]}.to_json,headers: @headers
 				expect(response.code).to eq("406")
 			end
@@ -165,7 +165,7 @@ RSpec.describe "unlock request spec", :type => :request,:authentication => true,
 			it " -- create -- " do
 				prev_msg_count = ActionMailer::Base.deliveries.size
-				post user_unlock_path,{user:{email: @u.email},api_key: @ap_key, current_app_id: @c.app_ids[0]}.to_json,@headers
+				post user_unlock_path,params: {user:{email: @u.email},api_key: @ap_key, current_app_id: @c.app_ids[0]}.to_json,headers: @headers
 				message = ActionMailer::Base.deliveries[-1].to_s
     			token = nil
@@ -193,7 +193,7 @@ RSpec.describe "unlock request spec", :type => :request,:authentication => true,
       				token = j[:unlock_token]
       			end
-    			get user_unlock_path,{unlock_token: token, api_key: @ap_key, current_app_id: @c.app_ids[0]},@headers
+    			get user_unlock_path,params: {unlock_token: token, api_key: @ap_key, current_app_id: @c.app_ids[0]},headers: @headers
     			@u.reload
     			expect(@u.unlock_token).to be_nil
     			expect(@u.locked_at).to be_nil