xing_backend_token_auth 0.1.31
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/LICENSE +13 -0
- data/README.md +679 -0
- data/Rakefile +34 -0
- data/app/controllers/devise_token_auth/application_controller.rb +22 -0
- data/app/controllers/devise_token_auth/concerns/set_user_by_token.rb +110 -0
- data/app/controllers/devise_token_auth/confirmations_controller.rb +31 -0
- data/app/controllers/devise_token_auth/omniauth_callbacks_controller.rb +169 -0
- data/app/controllers/devise_token_auth/passwords_controller.rb +107 -0
- data/app/controllers/devise_token_auth/registrations_controller.rb +99 -0
- data/app/controllers/devise_token_auth/sessions_controller.rb +50 -0
- data/app/controllers/devise_token_auth/token_validations_controller.rb +22 -0
- data/app/serializers/devise_token_auth/error_messages_serializer.rb +16 -0
- data/app/serializers/devise_token_auth/resource_errors_serializer.rb +24 -0
- data/app/serializers/devise_token_auth/resource_serializer.rb +17 -0
- data/app/serializers/devise_token_auth/success_message_serializer.rb +15 -0
- data/app/views/devise/mailer/confirmation_instructions.html.erb +5 -0
- data/app/views/devise/mailer/reset_password_instructions.html.erb +8 -0
- data/app/views/devise/mailer/unlock_instructions.html.erb +7 -0
- data/app/views/devise_token_auth/omniauth_failure.html.erb +2 -0
- data/app/views/devise_token_auth/omniauth_success.html.erb +8 -0
- data/app/views/layouts/omniauth_response.html.erb +31 -0
- data/config/initializers/devise.rb +207 -0
- data/config/initializers/token_auth_failure_app.rb +7 -0
- data/config/locales/devise.en.yml +59 -0
- data/config/routes.rb +5 -0
- data/lib/devise_token_auth.rb +9 -0
- data/lib/devise_token_auth/controllers/helpers.rb +129 -0
- data/lib/devise_token_auth/controllers/url_helpers.rb +8 -0
- data/lib/devise_token_auth/engine.rb +32 -0
- data/lib/devise_token_auth/models/token_authenticatable.rb +195 -0
- data/lib/devise_token_auth/rails/routes.rb +65 -0
- data/lib/generators/devise_token_auth/USAGE +31 -0
- data/lib/generators/devise_token_auth/install_generator.rb +100 -0
- data/lib/generators/devise_token_auth/install_views_generator.rb +16 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth.rb +22 -0
- data/lib/generators/devise_token_auth/templates/devise_token_auth_add_token_info_to_users.rb.erb +14 -0
- data/lib/tasks/devise_token_auth_tasks.rake +4 -0
- data/lib/xing_backend_token_auth.rb +1 -0
- data/test/controllers/demo_group_controller_test.rb +126 -0
- data/test/controllers/demo_mang_controller_test.rb +263 -0
- data/test/controllers/demo_user_controller_test.rb +262 -0
- data/test/controllers/devise_token_auth/confirmations_controller_test.rb +107 -0
- data/test/controllers/devise_token_auth/omniauth_callbacks_controller_test.rb +144 -0
- data/test/controllers/devise_token_auth/passwords_controller_test.rb +275 -0
- data/test/controllers/devise_token_auth/registrations_controller_test.rb +405 -0
- data/test/controllers/devise_token_auth/registrations_controller_test.rb.orig +494 -0
- data/test/controllers/devise_token_auth/sessions_controller_test.rb +169 -0
- data/test/controllers/overrides/confirmations_controller_test.rb +44 -0
- data/test/controllers/overrides/omniauth_callbacks_controller_test.rb +44 -0
- data/test/controllers/overrides/passwords_controller_test.rb +64 -0
- data/test/controllers/overrides/registrations_controller_test.rb +42 -0
- data/test/controllers/overrides/sessions_controller_test.rb +35 -0
- data/test/controllers/overrides/token_validations_controller_test.rb +38 -0
- data/test/dummy/README.rdoc +28 -0
- data/test/dummy/Rakefile +6 -0
- data/test/dummy/app/assets/images/logo.jpg +0 -0
- data/test/dummy/app/assets/images/omniauth-provider-settings.png +0 -0
- data/test/dummy/app/assets/javascripts/application.js +13 -0
- data/test/dummy/app/assets/stylesheets/application.css +15 -0
- data/test/dummy/app/controllers/application_controller.rb +16 -0
- data/test/dummy/app/controllers/demo_group_controller.rb +13 -0
- data/test/dummy/app/controllers/demo_mang_controller.rb +12 -0
- data/test/dummy/app/controllers/demo_user_controller.rb +12 -0
- data/test/dummy/app/controllers/overrides/confirmations_controller.rb +32 -0
- data/test/dummy/app/controllers/overrides/omniauth_callbacks_controller.rb +14 -0
- data/test/dummy/app/controllers/overrides/passwords_controller.rb +39 -0
- data/test/dummy/app/controllers/overrides/registrations_controller.rb +27 -0
- data/test/dummy/app/controllers/overrides/sessions_controller.rb +26 -0
- data/test/dummy/app/controllers/overrides/token_validations_controller.rb +23 -0
- data/test/dummy/app/controllers/registrations_controller.rb +2 -0
- data/test/dummy/app/helpers/application_helper.rb +1065 -0
- data/test/dummy/app/models/evil_user.rb +5 -0
- data/test/dummy/app/models/mang.rb +5 -0
- data/test/dummy/app/models/user.rb +20 -0
- data/test/dummy/app/views/layouts/application.html.erb +14 -0
- data/test/dummy/bin/bundle +3 -0
- data/test/dummy/bin/rails +8 -0
- data/test/dummy/bin/rake +8 -0
- data/test/dummy/bin/spring +18 -0
- data/test/dummy/config.ru +16 -0
- data/test/dummy/config/application.rb +23 -0
- data/test/dummy/config/boot.rb +5 -0
- data/test/dummy/config/database.yml +31 -0
- data/test/dummy/config/environment.rb +5 -0
- data/test/dummy/config/environments/development.rb +44 -0
- data/test/dummy/config/environments/production.rb +82 -0
- data/test/dummy/config/environments/test.rb +40 -0
- data/test/dummy/config/initializers/assets.rb +8 -0
- data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
- data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
- data/test/dummy/config/initializers/devise_token_auth.rb +22 -0
- data/test/dummy/config/initializers/figaro.rb +1 -0
- data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
- data/test/dummy/config/initializers/inflections.rb +16 -0
- data/test/dummy/config/initializers/mime_types.rb +4 -0
- data/test/dummy/config/initializers/omniauth.rb +8 -0
- data/test/dummy/config/initializers/session_store.rb +3 -0
- data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
- data/test/dummy/config/locales/en.yml +23 -0
- data/test/dummy/config/routes.rb +32 -0
- data/test/dummy/config/secrets.yml +22 -0
- data/test/dummy/config/spring.rb +1 -0
- data/test/dummy/db/migrate/20140715061447_devise_token_auth_create_users.rb +56 -0
- data/test/dummy/db/migrate/20140715061805_devise_token_auth_create_mangs.rb +56 -0
- data/test/dummy/db/migrate/20140829044006_add_operating_thetan_to_user.rb +6 -0
- data/test/dummy/db/migrate/20140916224624_add_favorite_color_to_mangs.rb +5 -0
- data/test/dummy/db/migrate/20140928231203_devise_token_auth_create_evil_users.rb +57 -0
- data/test/dummy/db/schema.rb +111 -0
- data/test/dummy/public/404.html +67 -0
- data/test/dummy/public/422.html +67 -0
- data/test/dummy/public/500.html +66 -0
- data/test/dummy/public/favicon.ico +0 -0
- data/test/fixtures/evil_users.yml +29 -0
- data/test/fixtures/mangs.yml +29 -0
- data/test/fixtures/users.yml +29 -0
- data/test/integration/navigation_test.rb +10 -0
- data/test/lib/generators/devise_token_auth/install_generator_test.rb +131 -0
- data/test/lib/generators/devise_token_auth/install_views_generator_test.rb +23 -0
- data/test/models/user_test.rb +81 -0
- data/test/test_helper.rb +60 -0
- metadata +320 -0
|
@@ -0,0 +1,169 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
# was the web request successful?
|
|
4
|
+
# was the user redirected to the right page?
|
|
5
|
+
# was the user successfully authenticated?
|
|
6
|
+
# was the correct object stored in the response?
|
|
7
|
+
# was the appropriate message delivered in the json payload?
|
|
8
|
+
|
|
9
|
+
class DeviseTokenAuth::SessionsControllerTest < ActionController::TestCase
|
|
10
|
+
|
|
11
|
+
describe DeviseTokenAuth::SessionsController do
|
|
12
|
+
describe "Confirmed user" do
|
|
13
|
+
before do
|
|
14
|
+
@existing_user = users(:confirmed_email_user)
|
|
15
|
+
@existing_user.skip_confirmation!
|
|
16
|
+
@existing_user.save!
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
describe 'success' do
|
|
20
|
+
before do
|
|
21
|
+
xhr :post, :create, {
|
|
22
|
+
user: {
|
|
23
|
+
email: @existing_user.email,
|
|
24
|
+
password: 'secret123'
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
@user = assigns(:user)
|
|
29
|
+
@data = JSON.parse(response.body)
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
test "request should succeed" do
|
|
33
|
+
assert_equal 200, response.status
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
test "request should return user data" do
|
|
37
|
+
assert_equal @existing_user.email, @data['data']['email']
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
|
|
41
|
+
describe 'authed user sign out' do
|
|
42
|
+
before do
|
|
43
|
+
@auth_headers = @existing_user.create_new_auth_token
|
|
44
|
+
request.headers.merge!(@auth_headers)
|
|
45
|
+
xhr :delete, :destroy, format: :json
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
test "user is successfully logged out" do
|
|
49
|
+
assert_equal 200, response.status
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
test "token was destroyed" do
|
|
53
|
+
@existing_user.reload
|
|
54
|
+
refute @existing_user.tokens[@auth_headers["client"]]
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
describe 'unauthed user sign out' do
|
|
59
|
+
before do
|
|
60
|
+
@auth_headers = @existing_user.create_new_auth_token
|
|
61
|
+
xhr :delete, :destroy, format: :json
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
test "unauthed request returns 404" do
|
|
65
|
+
assert_equal 404, response.status
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
describe 'failure' do
|
|
70
|
+
before do
|
|
71
|
+
xhr :post, :create, {
|
|
72
|
+
user: {
|
|
73
|
+
email: @existing_user.email,
|
|
74
|
+
password: 'bogus'
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
|
|
78
|
+
@user = assigns(:user)
|
|
79
|
+
@data = JSON.parse(response.body)
|
|
80
|
+
end
|
|
81
|
+
|
|
82
|
+
test "request should fail" do
|
|
83
|
+
assert_equal 401, response.status
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
test "response should contain errors" do
|
|
87
|
+
assert @data['errors']
|
|
88
|
+
end
|
|
89
|
+
end
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
describe "Unconfirmed user" do
|
|
93
|
+
before do
|
|
94
|
+
@unconfirmed_user = users(:unconfirmed_email_user)
|
|
95
|
+
xhr :post, :create, {
|
|
96
|
+
user: {
|
|
97
|
+
email: @unconfirmed_user.email,
|
|
98
|
+
password: 'secret123'
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
@user = assigns(:user)
|
|
102
|
+
@data = JSON.parse(response.body)
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
test "request should fail" do
|
|
106
|
+
assert_equal 401, response.status
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
test "response should contain errors" do
|
|
110
|
+
assert @data['errors']
|
|
111
|
+
end
|
|
112
|
+
end
|
|
113
|
+
|
|
114
|
+
describe "Non-existing user" do
|
|
115
|
+
before do
|
|
116
|
+
xhr :post, :create, {
|
|
117
|
+
user: {
|
|
118
|
+
email: -> { Faker::Internet.email },
|
|
119
|
+
password: -> { Faker::Number.number(10) },
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
@user = assigns(:user)
|
|
123
|
+
@data = JSON.parse(response.body)
|
|
124
|
+
end
|
|
125
|
+
|
|
126
|
+
test "request should fail" do
|
|
127
|
+
assert_equal 401, response.status
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
test "response should contain errors" do
|
|
131
|
+
assert @data['errors']
|
|
132
|
+
end
|
|
133
|
+
end
|
|
134
|
+
|
|
135
|
+
describe "Alternate user class" do
|
|
136
|
+
setup do
|
|
137
|
+
@request.env['devise.mapping'] = Devise.mappings[:mang]
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
teardown do
|
|
141
|
+
@request.env['devise.mapping'] = Devise.mappings[:user]
|
|
142
|
+
end
|
|
143
|
+
|
|
144
|
+
before do
|
|
145
|
+
@existing_user = mangs(:confirmed_email_user)
|
|
146
|
+
@existing_user.skip_confirmation!
|
|
147
|
+
@existing_user.save!
|
|
148
|
+
|
|
149
|
+
xhr :post, :create, {
|
|
150
|
+
mang: {
|
|
151
|
+
email: @existing_user.email,
|
|
152
|
+
password: 'secret123'
|
|
153
|
+
}
|
|
154
|
+
}
|
|
155
|
+
|
|
156
|
+
@user = assigns(:user)
|
|
157
|
+
@data = JSON.parse(response.body)
|
|
158
|
+
end
|
|
159
|
+
|
|
160
|
+
test "request should succeed" do
|
|
161
|
+
assert_equal 200, response.status
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
test "request should return user data" do
|
|
165
|
+
assert_equal @existing_user.email, @data['data']['email']
|
|
166
|
+
end
|
|
167
|
+
end
|
|
168
|
+
end
|
|
169
|
+
end
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
# was the web request successful?
|
|
4
|
+
# was the user redirected to the right page?
|
|
5
|
+
# was the user successfully authenticated?
|
|
6
|
+
# was the correct object stored in the response?
|
|
7
|
+
# was the appropriate message delivered in the json payload?
|
|
8
|
+
|
|
9
|
+
class Overrides::ConfirmationsControllerTest < ActionDispatch::IntegrationTest
|
|
10
|
+
describe Overrides::ConfirmationsController do
|
|
11
|
+
before do
|
|
12
|
+
@redirect_url = Faker::Internet.url
|
|
13
|
+
@new_user = evil_users(:unconfirmed_email_user)
|
|
14
|
+
|
|
15
|
+
# generate + send email
|
|
16
|
+
@new_user.send_confirmation_instructions({
|
|
17
|
+
redirect_url: @redirect_url
|
|
18
|
+
})
|
|
19
|
+
|
|
20
|
+
@mail = ActionMailer::Base.deliveries.last
|
|
21
|
+
@confirmation_path = @mail.body.match(/localhost([^\"]*)\"/)[1]
|
|
22
|
+
|
|
23
|
+
# visit confirmation link
|
|
24
|
+
get @confirmation_path
|
|
25
|
+
|
|
26
|
+
# reload user from db
|
|
27
|
+
@new_user.reload
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
test "user is confirmed" do
|
|
31
|
+
assert @new_user.confirmed?
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
test "user can be authenticated via confirmation link" do
|
|
35
|
+
# hard coded in override controller
|
|
36
|
+
override_proof_str = "(^^,)"
|
|
37
|
+
|
|
38
|
+
# ensure present in redirect URL
|
|
39
|
+
override_proof_param = URI.unescape(response.headers["Location"].match(/override_proof=([^&]*)&/)[1])
|
|
40
|
+
|
|
41
|
+
assert_equal override_proof_str, override_proof_param
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
# was the web request successful?
|
|
4
|
+
# was the user redirected to the right page?
|
|
5
|
+
# was the user successfully authenticated?
|
|
6
|
+
# was the correct object stored in the response?
|
|
7
|
+
# was the appropriate message delivered in the json payload?
|
|
8
|
+
|
|
9
|
+
class Overrides::OmniauthCallbacksControllerTest < ActionDispatch::IntegrationTest
|
|
10
|
+
describe Overrides::OmniauthCallbacksController do
|
|
11
|
+
setup do
|
|
12
|
+
OmniAuth.config.test_mode = true
|
|
13
|
+
OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new({
|
|
14
|
+
:provider => 'facebook',
|
|
15
|
+
:uid => '123545',
|
|
16
|
+
:info => {
|
|
17
|
+
name: 'chong',
|
|
18
|
+
email: 'chongbong@aol.com'
|
|
19
|
+
}
|
|
20
|
+
})
|
|
21
|
+
|
|
22
|
+
@favorite_color = "gray"
|
|
23
|
+
|
|
24
|
+
get_via_redirect '/evil_user_auth/facebook', {
|
|
25
|
+
auth_origin_url: Faker::Internet.url,
|
|
26
|
+
favorite_color: @favorite_color
|
|
27
|
+
}
|
|
28
|
+
|
|
29
|
+
@user = assigns(:user)
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
test 'request is successful' do
|
|
33
|
+
assert_equal 200, response.status
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
test 'controller was overridden' do
|
|
37
|
+
assert_equal @user.nickname, Overrides::OmniauthCallbacksController::DEFAULT_NICKNAME
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
test 'whitelisted param was allowed' do
|
|
41
|
+
assert_equal @favorite_color, @user.favorite_color
|
|
42
|
+
end
|
|
43
|
+
end
|
|
44
|
+
end
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
# was the web request successful?
|
|
4
|
+
# was the user redirected to the right page?
|
|
5
|
+
# was the user successfully authenticated?
|
|
6
|
+
# was the correct object stored in the response?
|
|
7
|
+
# was the appropriate message delivered in the json payload?
|
|
8
|
+
|
|
9
|
+
class Overrides::PasswordsControllerTest < ActionDispatch::IntegrationTest
|
|
10
|
+
describe Overrides::PasswordsController do
|
|
11
|
+
before do
|
|
12
|
+
@user = evil_users(:confirmed_email_user)
|
|
13
|
+
@redirect_url = Faker::Internet.url
|
|
14
|
+
|
|
15
|
+
post "/evil_user_auth/password", {
|
|
16
|
+
evil_user: {
|
|
17
|
+
email: @user.email,
|
|
18
|
+
},
|
|
19
|
+
redirect_url: @redirect_url
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
@mail = ActionMailer::Base.deliveries.last
|
|
23
|
+
@user.reload
|
|
24
|
+
|
|
25
|
+
@mail_config_name = CGI.unescape(@mail.body.match(/config=([^&]*)&/)[1])
|
|
26
|
+
@mail_redirect_url = CGI.unescape(@mail.body.match(/redirect_url=([^&]*)&/)[1])
|
|
27
|
+
@mail_reset_token = @mail.body.match(/reset_password_token=(.*)\"/)[1]
|
|
28
|
+
|
|
29
|
+
get '/evil_user_auth/password/edit', {
|
|
30
|
+
reset_password_token: @mail_reset_token,
|
|
31
|
+
redirect_url: @mail_redirect_url
|
|
32
|
+
}
|
|
33
|
+
|
|
34
|
+
@user.reload
|
|
35
|
+
|
|
36
|
+
raw_qs = response.location.split('?')[1]
|
|
37
|
+
@qs = Rack::Utils.parse_nested_query(raw_qs)
|
|
38
|
+
|
|
39
|
+
@client_id = @qs["client_id"]
|
|
40
|
+
@expiry = @qs["expiry"]
|
|
41
|
+
@reset_password = @qs["reset_password"]
|
|
42
|
+
@token = @qs["token"]
|
|
43
|
+
@uid = @qs["uid"]
|
|
44
|
+
@override_proof = @qs["override_proof"]
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
test 'respones should have success redirect status' do
|
|
48
|
+
assert_equal 302, response.status
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
test 'response should contain auth params + override proof' do
|
|
52
|
+
assert @client_id
|
|
53
|
+
assert @expiry
|
|
54
|
+
assert @reset_password
|
|
55
|
+
assert @token
|
|
56
|
+
assert @uid
|
|
57
|
+
assert @override_proof
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
test 'override proof is correct' do
|
|
61
|
+
assert_equal @override_proof, Overrides::PasswordsController::OVERRIDE_PROOF
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
end
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
# was the web request successful?
|
|
4
|
+
# was the user redirected to the right page?
|
|
5
|
+
# was the user successfully authenticated?
|
|
6
|
+
# was the correct object stored in the response?
|
|
7
|
+
# was the appropriate message delivered in the json payload?
|
|
8
|
+
|
|
9
|
+
class Overrides::RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
10
|
+
describe Overrides::RegistrationsController do
|
|
11
|
+
setup do
|
|
12
|
+
@existing_user = evil_users(:confirmed_email_user)
|
|
13
|
+
@auth_headers = @existing_user.create_new_auth_token
|
|
14
|
+
@client_id = @auth_headers['client']
|
|
15
|
+
@favorite_color = "pink"
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
# ensure request is not treated as batch request
|
|
19
|
+
age_token(@existing_user, @client_id)
|
|
20
|
+
|
|
21
|
+
# test valid update param
|
|
22
|
+
@new_operating_thetan = 1000000
|
|
23
|
+
|
|
24
|
+
put '/evil_user_auth', {
|
|
25
|
+
evil_user: {
|
|
26
|
+
favorite_color: @favorite_color
|
|
27
|
+
}
|
|
28
|
+
}, @auth_headers
|
|
29
|
+
|
|
30
|
+
@data = JSON.parse(response.body)
|
|
31
|
+
@existing_user.reload
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
test 'user was updated' do
|
|
35
|
+
assert_equal @favorite_color, @existing_user.favorite_color
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
test 'controller was overridden' do
|
|
39
|
+
assert_equal Overrides::RegistrationsController::OVERRIDE_PROOF, @data["override_proof"]
|
|
40
|
+
end
|
|
41
|
+
end
|
|
42
|
+
end
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
# was the web request successful?
|
|
4
|
+
# was the user redirected to the right page?
|
|
5
|
+
# was the user successfully authenticated?
|
|
6
|
+
# was the correct object stored in the response?
|
|
7
|
+
# was the appropriate message delivered in the json payload?
|
|
8
|
+
|
|
9
|
+
class Overrides::RegistrationsControllerTest < ActionDispatch::IntegrationTest
|
|
10
|
+
describe Overrides::RegistrationsController do
|
|
11
|
+
before do
|
|
12
|
+
@existing_user = evil_users(:confirmed_email_user)
|
|
13
|
+
@existing_user.skip_confirmation!
|
|
14
|
+
@existing_user.save!
|
|
15
|
+
|
|
16
|
+
post '/evil_user_auth/sign_in', {
|
|
17
|
+
evil_user: {
|
|
18
|
+
email: @existing_user.email,
|
|
19
|
+
password: 'secret123'
|
|
20
|
+
}
|
|
21
|
+
}
|
|
22
|
+
|
|
23
|
+
@user = assigns(:user)
|
|
24
|
+
@data = JSON.parse(response.body)
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
test "request should succeed" do
|
|
28
|
+
assert_equal 200, response.status
|
|
29
|
+
end
|
|
30
|
+
|
|
31
|
+
test 'controller was overridden' do
|
|
32
|
+
assert_equal Overrides::RegistrationsController::OVERRIDE_PROOF, @data['override_proof']
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
end
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
require 'test_helper'
|
|
2
|
+
|
|
3
|
+
# was the web request successful?
|
|
4
|
+
# was the user redirected to the right page?
|
|
5
|
+
# was the user successfully authenticated?
|
|
6
|
+
# was the correct object stored in the response?
|
|
7
|
+
# was the appropriate message delivered in the json payload?
|
|
8
|
+
|
|
9
|
+
class Overrides::TokenValidationsControllerTest < ActionDispatch::IntegrationTest
|
|
10
|
+
describe Overrides::TokenValidationsController do
|
|
11
|
+
before do
|
|
12
|
+
@user = evil_users(:confirmed_email_user)
|
|
13
|
+
@user.skip_confirmation!
|
|
14
|
+
@user.save!
|
|
15
|
+
|
|
16
|
+
@auth_headers = @user.create_new_auth_token
|
|
17
|
+
|
|
18
|
+
@token = @auth_headers['access-token']
|
|
19
|
+
@client_id = @auth_headers['client']
|
|
20
|
+
@expiry = @auth_headers['expiry']
|
|
21
|
+
|
|
22
|
+
# ensure that request is not treated as batch request
|
|
23
|
+
age_token(@user, @client_id)
|
|
24
|
+
|
|
25
|
+
get '/evil_user_auth/validate_token', {}, @auth_headers
|
|
26
|
+
|
|
27
|
+
@resp = JSON.parse(response.body)
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
test "token valid" do
|
|
31
|
+
assert_equal 200, response.status
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
test "controller was overridden" do
|
|
35
|
+
assert_equal Overrides::TokenValidationsController::OVERRIDE_PROOF, @resp["override_proof"]
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
end
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
== README
|
|
2
|
+
|
|
3
|
+
This README would normally document whatever steps are necessary to get the
|
|
4
|
+
application up and running.
|
|
5
|
+
|
|
6
|
+
Things you may want to cover:
|
|
7
|
+
|
|
8
|
+
* Ruby version
|
|
9
|
+
|
|
10
|
+
* System dependencies
|
|
11
|
+
|
|
12
|
+
* Configuration
|
|
13
|
+
|
|
14
|
+
* Database creation
|
|
15
|
+
|
|
16
|
+
* Database initialization
|
|
17
|
+
|
|
18
|
+
* How to run the test suite
|
|
19
|
+
|
|
20
|
+
* Services (job queues, cache servers, search engines, etc.)
|
|
21
|
+
|
|
22
|
+
* Deployment instructions
|
|
23
|
+
|
|
24
|
+
* ...
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
Please feel free to use a different markup language if you do not plan to run
|
|
28
|
+
<tt>rake doc:app</tt>.
|