Permalink
Browse files

Initial import, specs are passing but nothing is checked to be actual…

…ly working yet.
  • Loading branch information...
0 parents commit 61c96eeaaabc1a70cdd30e1cc4b30d71eea3d8e5 Michael Bleigh committed Sep 22, 2011
Showing with 319 additions and 0 deletions.
  1. +17 −0 .gitignore
  2. +2 −0 .rspec
  3. +12 −0 Gemfile
  4. +11 −0 Guardfile
  5. +9 −0 Rakefile
  6. +3 −0 lib/omniauth-oauth.rb
  7. +5 −0 lib/omniauth-oauth/version.rb
  8. +89 −0 lib/omniauth/strategies/oauth.rb
  9. +24 −0 omniauth-oauth.gemspec
  10. +131 −0 spec/omniauth/strategies/oauth_spec.rb
  11. +16 −0 spec/spec_helper.rb
@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp
2 .rspec
@@ -0,0 +1,2 @@
+--color
+--format=progress
12 Gemfile
@@ -0,0 +1,12 @@
+source 'http://rubygems.org'
+
+gem 'omniauth', :git => 'git://github.com/intridea/omniauth.git'
+gemspec
+
+group :development, :test do
+ gem 'guard'
+ gem 'guard-rspec'
+ gem 'guard-bundler'
+ gem 'growl'
+ gem 'rb-fsevent'
+end
@@ -0,0 +1,11 @@
+guard 'rspec', :version => 2 do
+ watch(%r{^spec/.+_spec\.rb$})
+ watch(%r{^lib/(.+)\.rb$}) { |m| "spec/#{m[1]}_spec.rb" }
+ watch('spec/spec_helper.rb') { "spec" }
+end
+
+
+guard 'bundler' do
+ watch('Gemfile')
+ watch(/^.+\.gemspec/)
+end
@@ -0,0 +1,9 @@
+#!/usr/bin/env rake
+require "bundler/gem_tasks"
+require 'rspec/core/rake_task'
+
+desc 'Default: run specs.'
+task :default => :spec
+
+desc "Run specs"
+RSpec::Core::RakeTask.new
@@ -0,0 +1,3 @@
+require "omniauth-oauth/version"
+require 'omniauth/strategies/oauth'
+
@@ -0,0 +1,5 @@
+module OmniAuth
+ module OAuth
+ VERSION = "1.0.0.alpha"
+ end
+end
@@ -0,0 +1,89 @@
+require 'multi_json'
+require 'oauth'
+require 'omniauth'
+
+module OmniAuth
+ module Strategies
+ class OAuth
+ include OmniAuth::Strategy
+
+ def initialize(app, name, consumer_key=nil, consumer_secret=nil, consumer_options={}, options={}, &block)
+ self.consumer_key = consumer_key
+ self.consumer_secret = consumer_secret
+ self.consumer_options = consumer_options
+ super
+ self.options[:open_timeout] ||= 30
+ self.options[:read_timeout] ||= 30
+ self.options[:authorize_params] = options[:authorize_params] || {}
+ end
+
+ def consumer
+ consumer = ::OAuth::Consumer.new(consumer_key, consumer_secret, consumer_options.merge(options[:client_options] || options[:consumer_options] || {}))
+ consumer.http.open_timeout = options[:open_timeout] if options[:open_timeout]
+ consumer.http.read_timeout = options[:read_timeout] if options[:read_timeout]
+ consumer
+ end
+
+ attr_reader :name
+ attr_accessor :consumer_key, :consumer_secret, :consumer_options
+
+ def request_phase
+ request_token = consumer.get_request_token(:oauth_callback => callback_url)
+ session['oauth'] ||= {}
+ session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret}
+
+ if request_token.callback_confirmed?
+ redirect request_token.authorize_url(options[:authorize_params])
+ else
+ redirect request_token.authorize_url(options[:authorize_params].merge(:oauth_callback => callback_url))
+ end
+
+ rescue ::Timeout::Error => e
+ fail!(:timeout, e)
+ rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e
+ fail!(:service_unavailable, e)
+ end
+
+ def callback_phase
+ raise OmniAuth::NoSessionError.new("Session Expired") if session['oauth'].nil?
+
+ request_token = ::OAuth::RequestToken.new(consumer, session['oauth'][name.to_s].delete('request_token'), session['oauth'][name.to_s].delete('request_secret'))
+
+ opts = {}
+ if session['oauth'][name.to_s]['callback_confirmed']
+ opts[:oauth_verifier] = request['oauth_verifier']
+ else
+ opts[:oauth_callback] = callback_url
+ end
+
+ @access_token = request_token.get_access_token(opts)
+ super
+ rescue ::Timeout::Error => e
+ fail!(:timeout, e)
+ rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e
+ fail!(:service_unavailable, e)
+ rescue ::OAuth::Unauthorized => e
+ fail!(:invalid_credentials, e)
+ rescue ::NoMethodError, ::MultiJson::DecodeError => e
+ fail!(:invalid_response, e)
+ rescue ::OmniAuth::NoSessionError => e
+ fail!(:session_expired, e)
+ end
+
+ def auth_hash
+ OmniAuth::Utils.deep_merge(super, {
+ 'credentials' => {
+ 'token' => @access_token.token,
+ 'secret' => @access_token.secret
+ }, 'extra' => {
+ 'access_token' => @access_token
+ }
+ })
+ end
+
+ def unique_id
+ nil
+ end
+ end
+ end
+end
@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+require File.expand_path('../lib/omniauth-oauth/version', __FILE__)
+
+Gem::Specification.new do |gem|
+ gem.authors = ["Michael Bleigh"]
+ gem.email = ["michael@intridea.com"]
+ gem.description = %q{A generic OAuth (1.0/1.0a) strategy for OmniAuth.}
+ gem.summary = %q{A generic OAuth (1.0/1.0a) strategy for OmniAuth.}
+ gem.homepage = "https://github.com/intridea/omniauth-oauth"
+
+ gem.add_runtime_dependency 'omniauth', '~> 1.0.0.alpha'
+ gem.add_runtime_dependency 'oauth'
+ gem.add_development_dependency 'rspec', '~> 2.6'
+ gem.add_development_dependency 'webmock'
+ gem.add_development_dependency 'simplecov'
+ gem.add_development_dependency 'rack-test'
+
+ gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+ gem.files = `git ls-files`.split("\n")
+ gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
+ gem.name = "omniauth-oauth"
+ gem.require_paths = ["lib"]
+ gem.version = OmniAuth::OAuth::VERSION
+end
@@ -0,0 +1,131 @@
+require 'spec_helper'
+
+describe "OmniAuth::Strategies::OAuth" do
+
+ def app
+ Rack::Builder.new {
+ use OmniAuth::Test::PhonySession
+ use OmniAuth::Builder do
+ provider :oauth, 'example.org', 'abc', 'def', :site => 'https://api.example.org'
+ provider :oauth, 'example.org_with_authorize_params', 'abc', 'def', { :site => 'https://api.example.org' }, :authorize_params => {:abc => 'def'}
+ end
+ run lambda { |env| [404, {'Content-Type' => 'text/plain'}, [env.key?('omniauth.auth').to_s]] }
+ }.to_app
+ end
+
+ def session
+ last_request.env['rack.session']
+ end
+
+ before do
+ stub_request(:post, 'https://api.example.org/oauth/request_token').
+ to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret&oauth_callback_confirmed=true")
+ end
+
+ describe '/auth/{name}' do
+ context 'successful' do
+ before do
+ get '/auth/example.org'
+ end
+ it 'should redirect to authorize_url' do
+ last_response.should be_redirect
+ last_response.headers['Location'].should == 'https://api.example.org/oauth/authorize?oauth_token=yourtoken'
+ end
+
+ it 'should redirect to authorize_url with authorize_params when set' do
+ get '/auth/example.org_with_authorize_params'
+ last_response.should be_redirect
+ [
+ 'https://api.example.org/oauth/authorize?abc=def&oauth_token=yourtoken',
+ 'https://api.example.org/oauth/authorize?oauth_token=yourtoken&abc=def'
+ ].should be_include(last_response.headers['Location'])
+ end
+
+ it 'should set appropriate session variables' do
+ session['oauth'].should == {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}
+ end
+ end
+
+ context 'unsuccessful' do
+ before do
+ stub_request(:post, 'https://api.example.org/oauth/request_token').
+ to_raise(::Net::HTTPFatalError.new(%Q{502 "Bad Gateway"}, nil))
+ get '/auth/example.org'
+ end
+
+ it 'should call fail! with :service_unavailable' do
+ last_request.env['omniauth.error'].should be_kind_of(::Net::HTTPFatalError)
+ last_request.env['omniauth.error.type'] = :service_unavailable
+ end
+
+ context "SSL failure" do
+ before do
+ stub_request(:post, 'https://api.example.org/oauth/request_token').
+ to_raise(::OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"))
+ get '/auth/example.org'
+ end
+
+ it 'should call fail! with :service_unavailable' do
+ last_request.env['omniauth.error'].should be_kind_of(::OpenSSL::SSL::SSLError)
+ last_request.env['omniauth.error.type'] = :service_unavailable
+ end
+ end
+ end
+ end
+
+ describe '/auth/{name}/callback' do
+ before do
+ stub_request(:post, 'https://api.example.org/oauth/access_token').
+ to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret")
+ get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {'oauth' => {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}}}
+ end
+
+ it 'should exchange the request token for an access token' do
+ last_request.env['omniauth.auth']['provider'].should == 'example.org'
+ last_request.env['omniauth.auth']['extra']['access_token'].should be_kind_of(OAuth::AccessToken)
+ end
+
+ it 'should call through to the master app' do
+ last_response.body.should == 'true'
+ end
+
+ context "bad gateway (or any 5xx) for access_token" do
+ before do
+ stub_request(:post, 'https://api.example.org/oauth/access_token').
+ to_raise(::Net::HTTPFatalError.new(%Q{502 "Bad Gateway"}, nil))
+ get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {'oauth' => {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}}}
+ end
+
+ it 'should call fail! with :service_unavailable' do
+ last_request.env['omniauth.error'].should be_kind_of(::Net::HTTPFatalError)
+ last_request.env['omniauth.error.type'] = :service_unavailable
+ end
+ end
+
+ context "SSL failure" do
+ before do
+ stub_request(:post, 'https://api.example.org/oauth/access_token').
+ to_raise(::OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed"))
+ get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {'oauth' => {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}}}
+ end
+
+ it 'should call fail! with :service_unavailable' do
+ last_request.env['omniauth.error'].should be_kind_of(::OpenSSL::SSL::SSLError)
+ last_request.env['omniauth.error.type'] = :service_unavailable
+ end
+ end
+ end
+
+ describe '/auth/{name}/callback with expired session' do
+ before do
+ stub_request(:post, 'https://api.example.org/oauth/access_token').
+ to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret")
+ get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {}}
+ end
+
+ it 'should call fail! with :session_expired' do
+ last_request.env['omniauth.error'].should be_kind_of(::OmniAuth::NoSessionError)
+ last_request.env['omniauth.error.type'] = :session_expired
+ end
+ end
+end
@@ -0,0 +1,16 @@
+$:.unshift File.expand_path('..', __FILE__)
+$:.unshift File.expand_path('../../lib', __FILE__)
+require 'simplecov'
+SimpleCov.start
+require 'rspec'
+require 'rack/test'
+require 'webmock/rspec'
+require 'omniauth'
+require 'omniauth-oauth'
+
+RSpec.configure do |config|
+ config.include WebMock::API
+ config.include Rack::Test::Methods
+ config.extend OmniAuth::Test::StrategyMacros, :type => :strategy
+end
+

0 comments on commit 61c96ee

Please sign in to comment.