From b90b16b754dcd47109112abc95de177b85bf4bc3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mislav=20Marohnic=CC=81?= <mislav.marohnic@gmail.com>
Date: Tue, 8 May 2012 13:01:35 +0200
Subject: [PATCH] test OAuth authentication flow

---
 features/authentication.feature | 61 +++++++++++++++++++++++++++++++++
 lib/hub/github_api.rb           | 11 ++++--
 2 files changed, 69 insertions(+), 3 deletions(-)
 create mode 100644 features/authentication.feature

diff --git a/features/authentication.feature b/features/authentication.feature
new file mode 100644
index 000000000..8d8f9dcb1
--- /dev/null
+++ b/features/authentication.feature
@@ -0,0 +1,61 @@
+Feature: OAuth authentication
+  Background:
+    Given I am in "dotfiles" git repo
+
+  Scenario: Ask for username & password, create authorization
+    Given the GitHub API server:
+      """
+      require 'rack/auth/basic'
+      get('/authorizations') { '[]' }
+      post('/authorizations') {
+        auth = Rack::Auth::Basic::Request.new(env)
+        halt 401 unless auth.credentials == %w[mislav kitty]
+        halt 400 unless params[:scopes] == ['repo']
+        body :token => 'OTOKEN'
+      }
+      post('/user/repos') { status 200 }
+      """
+    When I run `hub create` interactively
+    When I type "mislav"
+    And I type "kitty"
+    Then the output should contain "github.com username:"
+    And the output should contain "github.com password for mislav (never stored):"
+    And the exit status should be 0
+    And the file "../home/.config/hub" should contain "oauth_token: OTOKEN"
+
+  Scenario: Ask for username & password, re-use existing authorization
+    Given the GitHub API server:
+      """
+      require 'rack/auth/basic'
+      get('/authorizations') {
+        auth = Rack::Auth::Basic::Request.new(env)
+        halt 401 unless auth.credentials == %w[mislav kitty]
+        body [
+          {:token => 'SKIPPD', :app => {:url => 'http://example.com'}},
+          {:token => 'OTOKEN', :app => {:url => 'http://defunkt.io/hub/'}}
+        ]
+      }
+      post('/user/repos') { status 200 }
+      """
+    When I run `hub create` interactively
+    When I type "mislav"
+    And I type "kitty"
+    Then the output should contain "github.com password for mislav (never stored):"
+    And the exit status should be 0
+    And the file "../home/.config/hub" should contain "oauth_token: OTOKEN"
+
+  Scenario: Wrong password
+    Given the GitHub API server:
+      """
+      require 'rack/auth/basic'
+      get('/authorizations') {
+        auth = Rack::Auth::Basic::Request.new(env)
+        halt 401 unless auth.credentials == %w[mislav kitty]
+      }
+      """
+    When I run `hub create` interactively
+    When I type "mislav"
+    And I type "WRONG"
+    Then the stderr should contain "Error creating repository: Unauthorized (HTTP 401)"
+    And the exit status should be 1
+    And the file "../home/.config/hub" should not exist
diff --git a/lib/hub/github_api.rb b/lib/hub/github_api.rb
index 1e27acb96..c9766934b 100644
--- a/lib/hub/github_api.rb
+++ b/lib/hub/github_api.rb
@@ -343,9 +343,14 @@ def prompt what
       # special prompt that has hidden input
       def prompt_password host, user
         print "#{host} password for #{user} (never stored): "
-        password = askpass
-        puts ''
-        password
+        if $stdin.tty?
+          password = askpass
+          puts ''
+          password
+        else
+          # in testing
+          $stdin.gets.chomp
+        end
       end
 
       # FIXME: probably not cross-platform