Initial added oauth provider

commit a7c1884dc666f13e69e4c0a2be1e26017ae5e4da 1 parent 5dfc5c4
@mmagnusek authored
Showing with 1,134 additions and 0 deletions.
  1. +5 −0 Gemfile
  2. +16 −0 Gemfile.lock
  3. +56 −0 app/controllers/oauth_clients_controller.rb
  4. +23 −0 app/controllers/oauth_controller.rb
  5. +16 −0 app/models/access_token.rb
  6. +73 −0 app/models/client_application.rb
  7. +20 −0 app/models/oauth2_token.rb
  8. +35 −0 app/models/oauth2_verifier.rb
  9. +24 −0 app/models/oauth_nonce.rb
  10. +46 −0 app/models/oauth_token.rb
  11. +36 −0 app/models/request_token.rb
  12. +3 −0  app/models/user.rb
  13. +16 −0 app/views/oauth/authorize.html.haml
  14. +1 −0  app/views/oauth/authorize_failure.html.haml
  15. +1 −0  app/views/oauth/authorize_success.html.haml
  16. +17 −0 app/views/oauth/oauth2_authorize.html.haml
  17. +20 −0 app/views/oauth_clients/_form.html.haml
  18. +4 −0 app/views/oauth_clients/edit.html.haml
  19. +39 −0 app/views/oauth_clients/index.html.haml
  20. +5 −0 app/views/oauth_clients/new.html.haml
  21. +30 −0 app/views/oauth_clients/show.html.haml
  22. +14 −0 config/routes.rb
  23. +176 −0 spec/controllers/oauth_clients_controller_spec.rb
  24. +29 −0 spec/models/client_application_spec.rb
  25. +52 −0 spec/models/oauth2_token_spec.rb
  26. +44 −0 spec/models/oauth2_verifier_spec.rb
  27. +24 −0 spec/models/oauth_nonce_spec.rb
  28. +309 −0 spec/models/oauth_token_spec.rb
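--- a/Gemfile
+++ b/Gemfile
@@ -14,6 +14,11 @@ gem 'bson_ext', '~> 1.4'
 gem 'tenacity'
 gem 'tire'
+gem 'oauth'
+gem "oauth-plugin", ">= 0.4.0.rc1"
+
+
+
 # Gems used only for assets and not required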
16 Gemfile.lock
@@ -67,6 +67,10 @@ GEM
factory_girl_rails (1.4.0)
factory_girl (~> 2.3.0)
railties (>= 3.0.0)
+ faraday (0.7.5)
+ addressable (~> 2.2.6)
+ multipart-post (~> 1.1.3)
+ rack (>= 1.1.0, < 2)
ffi (1.0.11)
growl (1.0.3)
guard (0.10.0)
@@ -137,8 +141,18 @@ GEM
mongoid-tree (0.6.2)
mongoid (~> 2.0)
multi_json (1.0.4)
+ multipart-post (1.1.4)
mysql2 (0.3.11)
nokogiri (1.5.0)
+ oauth (0.4.5)
+ oauth-plugin (0.4.0.rc2)
+ multi_json
+ oauth (~> 0.4.4)
+ oauth2
+ rack
+ oauth2 (0.5.2)
+ faraday (~> 0.7)
+ multi_json (~> 1.0)
polyglot (0.3.3)
pry (0.9.7.4)
coderay (~> 0.9.8)
@@ -299,6 +313,8 @@ DEPENDENCIES
mongoid (~> 2.3)
mongoid-tree
mysql2
+ oauth
+ oauth-plugin (>= 0.4.0.rc1)
pry
pry-nav
rails (= 3.1.3)
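--- a/app/controllers/oauth_clients_controller.rb
+++ b/app/controllers/oauth_clients_controller.rb
@@ -0,0 +1,56 @@
+class OauthClientsController < ApplicationController
+ # before_filter :login_required
+ before_filter :get_client_application, :only => [:show, :edit, :update, :destroy]
+
+ def index
+ @client_applications = current_user.client_applications
+ @tokens = current_user.tokens
+ end
+
+ def new
+ @client_application = ClientApplication.new
+ end
+
+ def create
+ @client_application = current_user.client_applications.build(params[:client_application])
+ if @client_application.save
+ flash[:notice] = "Registered the information successfully"
+ redirect_to :action => "show", :id => @client_application.id
+ else
+ render :action => "new"
+ end
+ end
+
+ def show
+ end
+
+ def edit
+ end
+
+ def update
+ if @client_application.update_attributes(params[:client_application])
+ flash[:notice] = "Updated the client information successfully"
+ redirect_to :action => "show", :id => @client_application.id
+ else
+ render :action => "edit"
+ end
+ end
+
+ def destroy
+ @client_application.destroy
+ flash[:notice] = "Destroyed the client application registration"
+ redirect_to :action => "index"
+ end
+
+ private
+ def get_client_application
+ unless @client_application = current_user.client_applications.find(params[:id])
+ flash.now[:error] = "Wrong application id"
+ raise ActiveRecord::RecordNotFound
+ end
+ end
+
+ def current_user
+ User.first
+ end
+end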
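Review bot: `current_user` at the bottom of the hunk returns `User.first` and the `login_required` filter above it is commented out, so every request to this controller runs as the first user in the database, and the consumer secrets rendered by `show` are reachable without any authentication. Until a real session lookup exists this should fail closed — restore `before_filter :login_required` or have `current_user` raise rather than fall back. `create` and `update` also hand `params[:client_application]` straight to mass assignment; without an `attr_accessible` whitelist on ClientApplication a submitter can set `key`, `secret` or `user_id` alongside `name` and `url`. `get_client_application` raises `ActiveRecord::RecordNotFound` for a Mongoid document; Mongoid's `find` raises `Mongoid::Errors::DocumentNotFound` itself when the id is missing, so the `unless` branch is probably never taken — `where(:_id => params[:id]).first` would make the nil check meaningful.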
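--- a/app/controllers/oauth_controller.rb
+++ b/app/controllers/oauth_controller.rb
@@ -0,0 +1,23 @@
+require 'oauth/controllers/provider_controller'
+class OauthController < ApplicationController
+ include OAuth::Controllers::ProviderController
+
+ protected
+ # Override this to match your authorization page form
+ # It currently expects a checkbox called authorize
+ # def user_authorizes_token?
+ # params[:authorize] == '1'
+ # end
+
+ # should authenticate and return a user if valid password.
+ # This example should work with most Authlogic or Devise. Uncomment it
+ # def authenticate_user(username,password)
+ # user = User.find_by_email params[:username]
+ # if user && user.valid_password?(params[:password])
+ # user
+ # else
+ # nil
+ # end
+ # end
+
+end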
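Review bot: `authenticate_user` is left commented out below `protected`, yet this commit routes `/oauth/token`, which in oauth-plugin serves the OAuth2 token grants; if the password grant reaches the plugin's default hook it will behave however the plugin template behaves rather than how this app authenticates, so either implement it against this app's User model or explicitly disable the password grant. The commented example also reads `params[:username]`/`params[:password]` instead of the `username, password` arguments it declares, which is worth fixing before anyone uncomments it: `user = User.find_by_email username` and `user.valid_password?(password)`. Whether the `current_user` the plugin's authorize flow relies on resolves in this controller is not visible in the hunk.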
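--- a/app/models/access_token.rb
+++ b/app/models/access_token.rb
@@ -0,0 +1,16 @@
+class AccessToken < OauthToken
+ validates_presence_of :user, :secret
+ before_create :set_authorized_at
+
+ # Implement this to return a hash or array of the capabilities the access token has
+ # This is particularly useful if you have implemented user defined permissions.
+ # def capabilities
+ # {:invalidate=>"/oauth/invalidate",:capabilities=>"/oauth/capabilities"}
+ # end
+
+ protected
+
+ def set_authorized_at
+ self.authorized_at = Time.now
+ end
+end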
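--- a/app/models/client_application.rb
+++ b/app/models/client_application.rb
@@ -0,0 +1,73 @@
+require 'oauth'
+
+class ClientApplication
+ include Mongoid::Document
+ include Mongoid::Timestamps
+ include Tenacity
+
+
+ field :name, :type => String
+ field :url, :type => String
+ field :support_url, :type => String
+ field :callback_url, :type => String
+ field :key, :type => String
+ field :secret, :type => String
+ field :secret, :type => String
+
+ index :key, :unique => true
+
+ t_belongs_to :user
+ references_many :tokens, :class_name => 'OauthToken'
+ references_many :access_tokens
+ references_many :oauth2_verifiers
+ references_many :oauth_tokens
+
+ validates_presence_of :name, :url, :key, :secret
+ validates_uniqueness_of :key
+ before_validation :generate_keys, :on => :create
+
+ validates_format_of :url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i
+ validates_format_of :support_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
+ validates_format_of :callback_url, :with => /\Ahttp(s?):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/i, :allow_blank=>true
+
+ attr_accessor :token_callback_url
+
+ def self.find_token(token_key)
+ token = OauthToken.where(:token => token_key)
+ if token && token.authorized?
+ token
+ else
+ nil
+ end
+ end
+
+ def self.verify_request(request, options = {}, &block)
+ begin
+ signature = OAuth::Signature.build(request, options, &block)
+ return false unless OauthNonce.remember(signature.request.nonce, signature.request.timestamp)
+ value = signature.verify
+ value
+ rescue OAuth::Signature::UnknownSignatureMethod => e
+ false
+ end
+ end
+
+ def oauth_server
+ @oauth_server ||= OAuth::Server.new("http://your.site")
+ end
+
+ def credentials
+ @oauth_client ||= OAuth::Consumer.new(key, secret)
+ end
+
+ # If your application requires passing in extra parameters handle it here
+ def create_request_token(params={})
+ RequestToken.create :client_application => self, :callback_url=>self.token_callback_url
+ end
+
+ protected
+ def generate_keys
+ self.key = OAuth::Helper.generate_key(40)[0,40]
+ self.secret = OAuth::Helper.generate_key(40)[0,40]
+ end
+end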
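Review bot: `find_token` calls `OauthToken.where(:token => token_key)` and then `token.authorized?`, but `where` returns a Mongoid criteria rather than a document, so the call will raise instead of returning the token; it needs `.first`: `token = OauthToken.where(:token => token_key).first`. `field :secret, :type => String` is declared twice (right after `field :key`); one copy should go. `verify_request` binds `e` without using it, and `value = signature.verify` / `value` can collapse to `signature.verify`. `oauth_server` hard-codes `"http://your.site"`, which `show.html.haml` also uses to build the token URLs, so this needs the real host or a config value before the page is useful.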
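--- a/app/models/oauth2_token.rb
+++ b/app/models/oauth2_token.rb
@@ -0,0 +1,20 @@
+class Oauth2Token < AccessToken
+ attr_accessor :state
+ def as_json(options={})
+ d = {:access_token=>token, :token_type => 'bearer'}
+ d[:expires_in] = expires_in if expires_at
+ d
+ end
+
+ def to_query
+ q = "access_token=#{token}&token_type=bearer"
+ q << "&state=#{URI.escape(state)}" if @state
+ q << "&expires_in=#{expires_in}" if expires_at
+ q << "&scope=#{URI.escape(scope)}" if scope
+ q
+ end
+
+ def expires_in
+ expires_at.to_i - Time.now.to_i
+ end
+end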
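Review bot: `to_query` escapes `state` and `scope` with `URI.escape`, which leaves `&`, `=` and `+` unencoded, so a `state` value containing `&` is spliced into the redirect query as additional parameters; `ERB::Util.url_encode` encodes those characters and still yields the `bb%20bb` form the spec expects: `q << "&state=#{ERB::Util.url_encode(state)}" if @state`, and likewise for `scope`. The same `URI.escape(state)` appears in `Oauth2Verifier#to_query`. `URI.escape` is also deprecated and removed in current Rubies. `expires_in` goes negative once `expires_at` has passed; `[expires_at.to_i - Time.now.to_i, 0].max` keeps the JSON sane for clients.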
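--- a/app/models/oauth2_verifier.rb
+++ b/app/models/oauth2_verifier.rb
@@ -0,0 +1,35 @@
+class Oauth2Verifier < OauthToken
+ validates_presence_of :user
+ attr_accessor :state
+
+ def exchange!(params={})
+ OauthToken.transaction do
+ token = Oauth2Token.create! :user=>user,:client_application=>client_application, :scope => scope
+ invalidate!
+ token
+ end
+ end
+
+ def code
+ token
+ end
+
+ def redirect_url
+ callback_url
+ end
+
+ def to_query
+ q = "code=#{token}"
+ q << "&state=#{URI.escape(state)}" if @state
+ q
+ end
+
+ protected
+
+ def generate_keys
+ self.token = OAuth::Helper.generate_key(20)[0,20]
+ self.expires_at = 10.minutes.from_now
+ self.authorized_at = Time.now
+ end
+
+end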
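Review bot: `exchange!` never checks that the verifier is still usable — nothing here rejects an already invalidated or expired code — so unless the plugin's token action checks this before calling it, one authorization code can be exchanged repeatedly, minting a fresh Oauth2Token each time. `RequestToken#exchange!` in this same commit starts with `return false unless authorized?`; the same guard plus an expiry check belongs here: `return false unless authorized? && expires_at && expires_at > Time.now`. `OauthToken.transaction` also looks wrong for a Mongoid document — as far as I know Mongoid 2 has no class-level `transaction`, so this raises `NoMethodError` on the first exchange; the plain create-then-invalidate sequence is what remains. `generate_keys` writes `expires_at`, which OauthToken does not declare as a field (it declares `valid_to`).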
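--- a/app/models/oauth_nonce.rb
+++ b/app/models/oauth_nonce.rb
@@ -0,0 +1,24 @@
+# Simple store of nonces. The OAuth Spec requires that any given pair of nonce and timestamps are unique.
+# Thus you can use the same nonce with a different timestamp and viceversa.
+class OauthNonce
+ include Mongoid::Document
+ include Mongoid::Timestamps
+
+ field :nonce, :type => String
+ field :timestamp, :type => Integer
+
+ index [
+ [:nonce, Mongo::ASCENDING],
+ [:timestamp, Mongo::ASCENDING]
+ ], :unique => true
+
+ validates_presence_of :nonce, :timestamp
+ validates_uniqueness_of :nonce, :scope => :timestamp
+
+ # Remembers a nonce and it's associated timestamp. It returns false if it has already been used
+ def self.remember(nonce, timestamp)
+ oauth_nonce = OauthNonce.create(:nonce => nonce, :timestamp => timestamp)
+ return false if oauth_nonce.new_record?
+ oauth_nonce
+ end
+end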
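Review bot: `remember` accepts any timestamp, so the nonce store grows without bound and there is no freshness check on signed requests; OAuth 1.0 servers normally reject timestamps outside a window around the server clock and can then purge older rows, e.g. `return false if (Time.now.to_i - timestamp.to_i).abs > MAX_CLOCK_SKEW` before the `create`, with the window a named constant. `create` plus `validates_uniqueness_of` is a check-then-insert: two concurrent requests with the same pair can both pass validation, and with Mongoid's default non-safe writes the duplicate-key error from the unique index would not surface here, so `new_record?` would be false for both. A safe-mode insert, or `create!` rescuing the duplicate-key error, would make the index the effective guard; the write mode is an inference, worth confirming against the Mongoid config.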
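--- a/app/models/oauth_token.rb
+++ b/app/models/oauth_token.rb
@@ -0,0 +1,46 @@
+class OauthToken
+ include Mongoid::Document
+ include Mongoid::Timestamps
+ include Tenacity
+
+
+ field :token, :type => String
+ field :secret, :type => String
+ field :callback_url, :type => String
+ field :verifier, :type => String
+ field :scope, :type => String
+ field :authorized_at, :type => Time
+ field :invalidated_at, :type => Time
+ field :valid_to, :type => Time
+
+ index :token, :unique => true
+
+ t_belongs_to :user
+ referenced_in :client_application
+
+ validates_uniqueness_of :token
+ validates_presence_of :client_application, :token
+ before_validation :generate_keys, :on => :create
+
+ def invalidated?
+ !invalidated_at.nil?
+ end
+
+ def invalidate!
+ update_attribute(:invalidated_at, Time.now)
+ end
+
+ def authorized?
+ !authorized_at.nil? && !invalidated?
+ end
+
+ def to_query
+ "oauth_token=#{token}&oauth_token_secret=#{secret}"
+ end
+
+ protected
+ def generate_keys
+ self.token = OAuth::Helper.generate_key(40)[0,40]
+ self.secret = OAuth::Helper.generate_key(40)[0,40]
+ end
+end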
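Review bot: The expiry field is declared here as `field :valid_to, :type => Time`, but `Oauth2Token#as_json`, `#to_query`, `#expires_in` and `Oauth2Verifier#generate_keys` all read or write `expires_at`, so the two halves of the OAuth2 flow disagree on the attribute name. As far as I recall, Mongoid 2's dynamic attributes only answer for keys already present in the document, so `self.expires_at = 10.minutes.from_now` on a new verifier raises `NoMethodError`; either rename this to `field :expires_at, :type => Time` or switch the subclasses to `valid_to`. The `validates_uniqueness_of :token` check duplicates the unique index, which is fine as a friendlier error, but the index is the real guarantee.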
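--- a/app/models/request_token.rb
+++ b/app/models/request_token.rb
@@ -0,0 +1,36 @@
+class RequestToken < OauthToken
+ attr_accessor :provided_oauth_verifier
+
+ def authorize!(user)
+ return false if authorized?
+ self.user = user
+ self.authorized_at = Time.now
+ self.verifier = OAuth::Helper.generate_key(20)[0,20] unless oauth10?
+ self.save
+ end
+
+ def exchange!
+ return false unless authorized?
+ return false unless oauth10? || verifier == provided_oauth_verifier
+
+ AccessToken.create(:user => user, :client_application => client_application).tap do
+ invalidate!
+ end
+ end
+
+ def to_query
+ if oauth10?
+ super
+ else
+ "#{super}&oauth_callback_confirmed=true"
+ end
+ end
+
+ def oob?
+ callback_url.nil? || callback_url.downcase == 'oob'
+ end
+
+ def oauth10?
+ (defined? OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT && self.callback_url.blank?
+ end
+end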
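Review bot: `exchange!` calls the non-bang `AccessToken.create(...)` and then invalidates the request token inside `tap` whether or not the access token was saved, so a validation failure (AccessToken requires `user` and `secret`) leaves the client with an unsaved token and a request token that can no longer be retried. Using `create!` here, consistent with `Oauth2Verifier#exchange!`, or invalidating only when the new token is `persisted?`, keeps the two steps coupled. `authorize!(user)` accepts `nil` and would mark the token authorized with no user attached; `return false if authorized? || user.nil?` closes that. Nit: `self.callback_url.blank?` in `oauth10?` can drop the explicit `self`.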
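--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -5,6 +5,9 @@ class User < ActiveRecord::Base
 validates_presence_of :name
 validates_uniqueness_of :name
+
+ t_has_many :client_applications
+ t_has_many :tokens, :class_name => "OauthToken", :order => "authorized_at desc", :include => [:client_application]
 def to_s
 name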
16 app/views/oauth/authorize.html.haml
@@ -0,0 +1,16 @@
+%h1 Authorize access to your account
+%p
+ Would you like to authorize
+ = link_to @token.client_application.name,@token.client_application.url
+ (
+ = link_to @token.client_application.url,@token.client_application.url
+ ) to access your account?
+= form_tag authorize_url do
+ = hidden_field_tag "oauth_token", @token.token
+ - if params[:oauth_callback]
+ = hidden_field_tag "oauth_callback", params[:oauth_callback]
+ %p
+ = check_box_tag 'authorize'
+ authorize access
+ %p
+ = submit_tag
1  app/views/oauth/authorize_failure.html.haml
@@ -0,0 +1 @@
+%h1 You have disallowed this request
1  app/views/oauth/authorize_success.html.haml
@@ -0,0 +1 @@
+%h1 You have allowed this request
17 app/views/oauth/oauth2_authorize.html.haml
@@ -0,0 +1,17 @@
+%h1 Authorize access to your account
+%p
+ Would you like to authorize
+ = link_to @client_application.name,@client_application.url
+ (
+ = link_to @client_application.url,@client_application.url
+ ) to access your account?
+= form_tag authorize_url do
+ = hidden_field_tag "response_type", params[:response_type]
+ = hidden_field_tag "client_id", params[:client_id]
+ = hidden_field_tag "redirect_uri", params[:redirect_uri]
+ = hidden_field_tag "state", params[:state]
+ = hidden_field_tag "scope", params[:scope]
+ = check_box_tag 'authorize'
+ authorize access
+ %p
+ = submit_tag
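Review bot: The form re-submits `params[:redirect_uri]`, `client_id`, `state` and `scope` as hidden fields, so the user's approval is posted back together with a redirect target taken straight from the query string; this view is only safe if the `authorize` action compares `redirect_uri` with `@client_application.callback_url` before redirecting, and that check is inherited from the plugin rather than visible in this commit. I'd record the expectation above `form_tag`, e.g. `-# redirect_uri is untrusted here; the controller must match it against client_application.callback_url`, and once it is validated, render `@client_application.callback_url` rather than the raw param. The checkbox and submit structure otherwise mirrors authorize.html.haml.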
20 app/views/oauth_clients/_form.html.haml
@@ -0,0 +1,20 @@
+.field
+ %label{:for=>"client_application_name"} Name*
+ %br
+ = f.text_field :name
+
+.field
+ %label{:for=>"client_application_url"} Main Application URL*
+ %br
+ = f.text_field :url
+
+.field
+ %label{:for=>"client_application_callback_url"} Callback URL*
+ %br
+ = f.text_field :callback_url
+
+.field
+ %label{:for=>"client_application_support_url"} Support URL
+ %br
+ = f.text_field :support_url
+
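Review bot: The label marks `Callback URL*` as required, but ClientApplication validates `callback_url` with `:allow_blank => true`, exactly as it does the unstarred `Support URL`; either drop the asterisk or make the model require it. Since the OAuth2 flow redirects to this URL, requiring it at registration is the safer default. The trailing blank line at the end of the partial can go.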
4 app/views/oauth_clients/edit.html.haml
@@ -0,0 +1,4 @@
+%h1 Edit your application
+= form_for :client_application do |f|
+ = render :partial => "form", :locals => { :f => f }
+ = submit_tag "Edit"
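Review bot: `form_for :client_application do |f|` specifies neither `:url` nor a method, so the form posts back to the current `/oauth_clients/:id/edit` path, for which `resources :oauth_clients` defines no POST route, and `update` is never reached; compare `new.html.haml`, which passes `:url => { :action => :create }`. Use `= form_for :client_application, :url => oauth_client_path(@client_application), :html => { :method => :put } do |f|`.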
39 app/views/oauth_clients/index.html.haml
@@ -0,0 +1,39 @@
+.flash= flash[:notice]
+%h1 OAuth Client Applications
+- unless @tokens.empty?
+
+ %p
+ The following tokens have been issued to applications in your name
+
+ %table
+ %tr
+ %th Application
+ %th Issued
+ %th &nbsp;
+ - @tokens.each do |token|
+ - content_tag_for :tr, token do
+ %td= link_to token.client_application.name, token.client_application.url
+ %td= token.authorized_at
+ %td
+ - form_tag :controller => 'oauth', :action => 'revoke' do
+ = hidden_field_tag 'token', token.token
+ = submit_tag "Revoke!"
+
+%h3 Application Developers
+
+- if @client_applications.empty?
+ %p
+ Do you have an application you would like to register for use with us using the <a href="http://oauth.net">OAuth</a> standard?
+ You must register your web application before it can make OAuth requests to this service
+- else
+ %p
+ You have the following client applications registered:
+
+ - @client_applications.each do |client|
+ - div_for client do
+ = link_to client.name, :action => :show, :id => client.id
+ = link_to 'Edit', edit_oauth_client_path(client)
+ = link_to 'Delete', oauth_client_path(client), :confirm => "Are you sure?", :method => :delete
+%br
+%h3
+ = link_to "Register your application", :action => :new
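Review bot: The revoke form targets `:controller => 'oauth', :action => 'revoke'`, but `config/routes.rb` in this commit defines no `/oauth/revoke` (only test_request, token, access_token, request_token, authorize and index), so rendering `index` for a user with tokens should fail while generating that URL. Add `match '/oauth/revoke', :to => 'oauth#revoke', :as => :revoke, :via => :post` or drop the form until the action exists. Separately, `- form_tag`, `- content_tag_for` and `- div_for` rely on Haml's old block-helper patching; with Rails 3.1 (locked in Gemfile.lock) these helpers return their markup and should be output with `=`, otherwise I'd expect the wrapping tags to be dropped — worth a render check.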
5 app/views/oauth_clients/new.html.haml
@@ -0,0 +1,5 @@
+%h1 Register a new application
+
+= form_for :client_application, :url => { :action => :create } do |f|
+ = render :partial => "form", :locals => { :f => f }
+ = submit_tag "Register"
30 app/views/oauth_clients/show.html.haml
@@ -0,0 +1,30 @@
+%h1
+ OAuth details for
+ =@client_application.name
+%p
+ %strong Consumer Key:
+ %code=@client_application.key
+%p
+ %strong Consumer Secret:
+ %code=@client_application.secret
+
+%p
+ %strong Request Token URL
+ %code
+ ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.request_token_path}"
+
+%p
+ %strong Access Token URL
+ %code
+ ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.access_token_path}"
+
+%p
+ %strong Authorize URL
+ %code
+ ="http#{'s' if request.ssl?}://#{request.host_with_port}#{@client_application.oauth_server.authorize_path}"
+
+%p
+ We support hmac-sha1 (recommended) as well as plain text in ssl mode.
+
+= link_to 'Edit', edit_oauth_client_path(@client_application)
+= link_to 'Back', oauth_clients_path
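--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,4 +1,18 @@
 VersativeMongo::Application.routes.draw do
+ resources :oauth_clients
+
+ match '/oauth/test_request', :to => 'oauth#test_request', :as => :test_request
+
+ match '/oauth/token', :to => 'oauth#token', :as => :token
+
+ match '/oauth/access_token', :to => 'oauth#access_token', :as => :access_token
+
+ match '/oauth/request_token', :to => 'oauth#request_token', :as => :request_token
+
+ match '/oauth/authorize', :to => 'oauth#authorize', :as => :authorize
+
+ match '/oauth', :to => 'oauth#index', :as => :oauth
+
 # The priority is based upon order of creation:
 # first created -> highest priority.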
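Review bot: Every OAuth endpoint is declared with `match` and no `:via`, so `/oauth/token`, `/oauth/authorize` and the rest accept any HTTP verb; RFC 6749 requires the token endpoint to be POST-only, and a GET-reachable token endpoint puts client credentials into URLs, proxies and logs. Constrain at least `match '/oauth/token', :to => 'oauth#token', :as => :token, :via => :post`, and `:via => [:get, :post]` for authorize. `/oauth/test_request` is a diagnostic endpoint from the plugin template; decide now whether it is gated on `Rails.env` or removed for production. The `routes.draw` block continues past the end of the hunk.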
176 spec/controllers/oauth_clients_controller_spec.rb
@@ -0,0 +1,176 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+require File.dirname(__FILE__) + '/oauth_controller_spec_helper'
+require 'oauth/client/action_controller_request'
+
+describe OauthClientsController do
+ if defined?(Devise)
+ include Devise::TestHelpers
+ end
+ include OAuthControllerSpecHelper
+ fixtures :client_applications, :oauth_tokens, :users
+ before(:each) do
+ login_as_application_owner
+ end
+
+ describe "index" do
+ before do
+ @client_applications = @user.client_applications
+ end
+
+ def do_get
+ get :index
+ end
+
+ it "should be successful" do
+ do_get
+ response.should be_success
+ end
+
+ it "should assign client_applications" do
+ do_get
+ assigns[:client_applications].should==@client_applications
+ end
+
+ it "should render index template" do
+ do_get
+ response.should render_template('index')
+ end
+ end
+
+ describe "show" do
+
+ def do_get
+ get :show, :id => '1'
+ end
+
+ it "should be successful" do
+ do_get
+ response.should be_success
+ end
+
+ it "should assign client_applications" do
+ do_get
+ assigns[:client_application].should==current_client_application
+ end
+
+ it "should render show template" do
+ do_get
+ response.should render_template('show')
+ end
+
+ end
+
+ describe "new" do
+
+ def do_get
+ get :new
+ end
+
+ it "should be successful" do
+ do_get
+ response.should be_success
+ end
+
+ it "should assign client_applications" do
+ do_get
+ assigns[:client_application].class.should==ClientApplication
+ end
+
+ it "should render show template" do
+ do_get
+ response.should render_template('new')
+ end
+
+ end
+
+ describe "edit" do
+ def do_get
+ get :edit, :id => '1'
+ end
+
+ it "should be successful" do
+ do_get
+ response.should be_success
+ end
+
+ it "should assign client_applications" do
+ do_get
+ assigns[:client_application].should==current_client_application
+ end
+
+ it "should render edit template" do
+ do_get
+ response.should render_template('edit')
+ end
+
+ end
+
+ describe "create" do
+
+ def do_valid_post
+ post :create, 'client_application'=>{'name' => 'my site', :url=>"http://test.com"}
+ @client_application = ClientApplication.last
+ end
+
+ def do_invalid_post
+ post :create
+ end
+
+ it "should redirect to new client_application" do
+ do_valid_post
+ response.should be_redirect
+ response.should redirect_to(:action => "show", :id => @client_application.id)
+ end
+
+ it "should render show template" do
+ do_invalid_post
+ response.should render_template('new')
+ end
+ end
+
+ describe "destroy" do
+
+ def do_delete
+ delete :destroy, :id => '1'
+ end
+
+ it "should destroy client applications" do
+ do_delete
+ ClientApplication.should_not be_exists(1)
+ end
+
+ it "should redirect to list" do
+ do_delete
+ response.should be_redirect
+ response.should redirect_to(:action => 'index')
+ end
+
+ end
+
+ describe "update" do
+
+ def do_valid_update
+ put :update, :id => '1', 'client_application'=>{'name' => 'updated site'}
+ end
+
+ def do_invalid_update
+ put :update, :id => '1', 'client_application'=>{'name' => nil}
+ end
+
+ it "should redirect to show client_application" do
+ do_valid_update
+ response.should be_redirect
+ response.should redirect_to(:action => "show", :id => 1)
+ end
+
+ it "should assign client_applications" do
+ do_invalid_update
+ assigns[:client_application].should == ClientApplication.find(1)
+ end
+
+ it "should render show template" do
+ do_invalid_update
+ response.should render_template('edit')
+ end
+ end
+end
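Review bot: The spec requires `oauth_controller_spec_helper` and declares `fixtures :client_applications, :oauth_tokens, :users`, but neither that helper nor any fixture file appears in this commit's file list, so the suite cannot load as committed. The `show`, `edit`, `destroy` and `update` examples also use `:id => '1'` and `ClientApplication.find(1)`, which fit ActiveRecord integer ids rather than the Mongoid documents these models now are; creating a document in `before` and using its `id` would work on either store. Two example names are copy-pasted: `"should render show template"` under `create` and `update` actually expect the `new` and `edit` templates.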
29 spec/models/client_application_spec.rb
@@ -0,0 +1,29 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+describe ClientApplication do
+ fixtures :users, :client_applications, :oauth_tokens
+ before(:each) do
+ @application = ClientApplication.create :name => "Agree2", :url => "http://agree2.com", :user => users(:quentin)
+ end
+
+ it "should be valid" do
+ @application.should be_valid
+ end
+
+
+ it "should not have errors" do
+ @application.errors.full_messages.should == []
+ end
+
+ it "should have key and secret" do
+ @application.key.should_not be_nil
+ @application.secret.should_not be_nil
+ end
+
+ it "should have credentials" do
+ @application.credentials.should_not be_nil
+ @application.credentials.key.should == @application.key
+ @application.credentials.secret.should == @application.secret
+ end
+
+end
+
52 spec/models/oauth2_token_spec.rb
@@ -0,0 +1,52 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe Oauth2Token do
+ fixtures :client_applications, :users, :oauth_tokens
+ before(:each) do
+ @token = Oauth2Token.create :client_application => client_applications(:one), :user=>users(:aaron)
+ end
+
+ it "should be valid" do
+ @token.should be_valid
+ end
+
+ it "should have a token" do
+ @token.token.should_not be_nil
+ end
+
+ it "should have a secret" do
+ @token.secret.should_not be_nil
+ end
+
+ it "should be authorized" do
+ @token.should be_authorized
+ end
+
+ it "should not be invalidated" do
+ @token.should_not be_invalidated
+ end
+
+ it "should generate correct json and query strong" do
+ @token.as_json.should == {:access_token => @token.token, :token_type => 'bearer'}
+ @token.to_query.should == "access_token=#{@token.token}&token_type=bearer"
+ end
+
+ it "should generate correct json and query string and include state in query if present" do
+ @token.state = 'bb bb'
+ @token.as_json.should == {:access_token => @token.token, :token_type => 'bearer'}
+ @token.to_query.should == "access_token=#{@token.token}&token_type=bearer&state=bb%20bb"
+ end
+
+ it "should generate correct json and query string and include scope in query if present" do
+ @token.scope = 'bbbb aaaa'
+ @token.as_json.should == {:access_token => @token.token, :token_type => 'bearer'}
+ @token.to_query.should == "access_token=#{@token.token}&token_type=bearer&scope=bbbb%20aaaa"
+ end
+
+ it "should generate correct json and include expires_in if present" do
+ @token.expires_at = 1.hour.from_now
+ @token.as_json.should == { :access_token => @token.token, :token_type => 'bearer', :expires_in => 3600 }
+ @token.to_query.should == "access_token=#{@token.token}&token_type=bearer&expires_in=3600"
+ end
+
+end
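Review bot: The last example sets `expires_at = 1.hour.from_now` and then asserts `expires_in == 3600`, but `expires_in` re-reads `Time.now` on a later call, so whenever a second boundary falls between the two it returns 3599 and the spec is flaky. Stub `Time.now` for the example or assert a range such as `(3599..3600).should include(@token.as_json[:expires_in])`. Nit: the example title says "query strong" for "query string".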
44 spec/models/oauth2_verifier_spec.rb
@@ -0,0 +1,44 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe Oauth2Verifier do
+ fixtures :client_applications, :users, :oauth_tokens
+ before(:each) do
+ @verifier = Oauth2Verifier.create :client_application => client_applications(:one), :user=>users(:aaron), :scope => "bbbb aaaa"
+ end
+
+ it "should be valid" do
+ @verifier.should be_valid
+ end
+
+ it "should have a code" do
+ @verifier.code.should_not be_nil
+ end
+
+ it "should not have a secret" do
+ @verifier.secret.should be_nil
+ end
+
+ it "should be authorized" do
+ @verifier.should be_authorized
+ end
+
+ it "should not be invalidated" do
+ @verifier.should_not be_invalidated
+ end
+
+ it "should generate query string" do
+ @verifier.to_query.should == "code=#{@verifier.code}"
+ @verifier.state="bbbb aaaa"
+ @verifier.to_query.should == "code=#{@verifier.code}&state=bbbb%20aaaa"
+ end
+
+ it "should properly exchange for token" do
+ @token = @verifier.exchange!
+ @verifier.should be_invalidated
+ @token.user.should==@verifier.user
+ @token.client_application.should == @verifier.client_application
+ @token.should be_authorized
+ @token.should_not be_invalidated
+ @token.scope.should == @verifier.scope
+ end
+end
24 spec/models/oauth_nonce_spec.rb
@@ -0,0 +1,24 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+require 'oauth/helper'
+describe OauthNonce do
+ include OAuth::Helper
+ before(:each) do
+ @oauth_nonce = OauthNonce.remember(generate_key, Time.now.to_i)
+ end
+
+ it "should be valid" do
+ @oauth_nonce.should be_valid
+ end
+
+ it "should not have errors" do
+ @oauth_nonce.errors.full_messages.should == []
+ end
+
+ it "should not be a new record" do
+ @oauth_nonce.should_not be_new_record
+ end
+
+ it "should not allow a second one with the same values" do
+ OauthNonce.remember(@oauth_nonce.nonce,@oauth_nonce.timestamp).should == false
+ end
+end
309 spec/models/oauth_token_spec.rb
@@ -0,0 +1,309 @@
+require File.dirname(__FILE__) + '/../spec_helper'
+
+describe RequestToken do
+ fixtures :client_applications, :users, :oauth_tokens
+ before(:each) do
+ @token = RequestToken.create :client_application => client_applications(:one)
+ end
+
+ it "should be valid" do
+ @token.should be_valid
+ end
+
+ it "should not have errors" do
+ @token.errors.should_not == []
+ end
+
+ it "should have a token" do
+ @token.token.should_not be_nil
+ end
+
+ it "should have a secret" do
+ @token.secret.should_not be_nil
+ end
+
+ it "should not be authorized" do
+ @token.should_not be_authorized
+ end
+
+ it "should not be invalidated" do
+ @token.should_not be_invalidated
+ end
+
+ it "should not have a verifier" do
+ @token.verifier.should be_nil
+ end
+
+ it "should not be oob" do
+ @token.should_not be_oob
+ end
+
+ describe "OAuth 1.0a" do
+
+ describe "with provided callback" do
+ before(:each) do
+ @token.callback_url="http://test.com/callback"
+ end
+
+ it "should not be oauth10" do
+ @token.should_not be_oauth10
+ end
+
+ it "should not be oob" do
+ @token.should_not be_oob
+ end
+
+ describe "authorize request" do
+ before(:each) do
+ @token.authorize!(users(:quentin))
+ end
+
+ it "should be authorized" do
+ @token.should be_authorized
+ end
+
+ it "should have authorized at" do
+ @token.authorized_at.should_not be_nil
+ end
+
+ it "should have user set" do
+ @token.user.should == users(:quentin)
+ end
+
+ it "should have verifier" do
+ @token.verifier.should_not be_nil
+ end
+
+ describe "exchange for access token" do
+
+ before(:each) do
+ @token.provided_oauth_verifier=@token.verifier
+ @access = @token.exchange!
+ end
+
+ it "should be valid" do
+ @access.should be_valid
+ end
+
+ it "should have no error messages" do
+ @access.errors.full_messages.should==[]
+ end
+
+ it "should invalidate request token" do
+ @token.should be_invalidated
+ end
+
+ it "should set user on access token" do
+ @access.user.should == users(:quentin)
+ end
+
+ it "should authorize accesstoken" do
+ @access.should be_authorized
+ end
+ end
+
+ describe "attempt exchange with invalid verifier (OAuth 1.0a)" do
+
+ before(:each) do
+ @value = @token.exchange!
+ end
+
+ it "should return false" do
+ @value.should==false
+ end
+
+ it "should not invalidate request token" do
+ @token.should_not be_invalidated
+ end
+ end
+
+ end
+
+ describe "attempt exchange with out authorization" do
+
+ before(:each) do
+ @value = @token.exchange!
+ end
+
+ it "should return false" do
+ @value.should==false
+ end
+
+ it "should not invalidate request token" do
+ @token.should_not be_invalidated
+ end
+ end
+
+ it "should return 1.0a style to_query" do
+ @token.to_query.should=="oauth_token=#{@token.token}&oauth_token_secret=#{@token.secret}&oauth_callback_confirmed=true"
+ end
+
+ end
+
+ describe "with oob callback" do
+ before(:each) do
+ @token.callback_url='oob'
+ end
+
+ it "should not be oauth10" do
+ @token.should_not be_oauth10
+ end
+
+ it "should be oob" do
+ @token.should be_oob
+ end
+
+ describe "authorize request" do
+ before(:each) do
+ @token.authorize!(users(:quentin))
+ end
+
+ it "should be authorized" do
+ @token.should be_authorized
+ end
+
+ it "should have authorized at" do
+ @token.authorized_at.should_not be_nil
+ end
+
+ it "should have user set" do
+ @token.user.should == users(:quentin)
+ end
+
+ it "should have verifier" do
+ @token.verifier.should_not be_nil
+ end
+
+ describe "exchange for access token" do
+
+ before(:each) do
+ @token.provided_oauth_verifier=@token.verifier
+ @access = @token.exchange!
+ end
+
+ it "should invalidate request token" do
+ @token.should be_invalidated
+ end
+
+ it "should set user on access token" do
+ @access.user.should == users(:quentin)
+ end
+
+ it "should authorize accesstoken" do
+ @access.should be_authorized
+ end
+ end
+
+ describe "attempt exchange with invalid verifier (OAuth 1.0a)" do
+
+ before(:each) do
+ @value = @token.exchange!
+ end
+
+ it "should return false" do
+ @value.should==false
+ end
+
+ it "should not invalidate request token" do
+ @token.should_not be_invalidated
+ end
+ end
+
+ end
+
+ describe "attempt exchange with out authorization invalid verifier" do
+
+ before(:each) do
+ @value = @token.exchange!
+ end
+
+ it "should return false" do
+ @value.should==false
+ end
+
+ it "should not invalidate request token" do
+ @token.should_not be_invalidated
+ end
+ end
+
+ it "should return 1.0 style to_query" do
+ @token.to_query.should=="oauth_token=#{@token.token}&oauth_token_secret=#{@token.secret}&oauth_callback_confirmed=true"
+ end
+ end
+ end
+
+ if defined? OAUTH_10_SUPPORT && OAUTH_10_SUPPORT
+ describe "OAuth 1.0" do
+
+ it "should be oauth10" do
+ @token.should be_oauth10
+ end
+
+ it "should not be oob" do
+ @token.should_not be_oob
+ end
+
+ describe "authorize request" do
+ before(:each) do
+ @token.authorize!(users(:quentin))
+ end
+
+ it "should be authorized" do
+ @token.should be_authorized
+ end
+
+ it "should have authorized at" do
+ @token.authorized_at.should_not be_nil
+ end
+
+ it "should have user set" do
+ @token.user.should == users(:quentin)
+ end
+
+ it "should not have verifier" do
+ @token.verifier.should be_nil
+ end
+
+ describe "exchange for access token" do
+
+ before(:each) do
+ @access = @token.exchange!
+ end
+
+ it "should invalidate request token" do
+ @token.should be_invalidated
+ end
+
+ it "should set user on access token" do
+ @access.user.should == users(:quentin)
+ end
+
+ it "should authorize accesstoken" do
+ @access.should be_authorized
+ end
+ end
+
+ end
+
+ describe "attempt exchange with out authorization" do
+
+ before(:each) do
+ @value = @token.exchange!
+ end
+
+ it "should return false" do
+ @value.should==false
+ end
+
+ it "should not invalidate request token" do
+ @token.should_not be_invalidated
+ end
+ end
+
+ it "should return 1.0 style to_query" do
+ @token.to_query.should=="oauth_token=#{@token.token}&oauth_token_secret=#{@token.secret}"
+ end
+
+ end
+ end
+end
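Review bot: `it "should not have errors"` asserts `@token.errors.should_not == []`, the opposite of its description, and it passes trivially because `errors` is an Errors object that is never `==` to an array; the other specs use `errors.full_messages.should == []`, and this one should too. The `describe "OAuth 1.0"` branch is guarded by `if defined? OAUTH_10_SUPPORT && OAUTH_10_SUPPORT`, which parses as `defined?(OAUTH_10_SUPPORT && OAUTH_10_SUPPORT)` and is always a truthy string, so the block runs even when the constant is absent and `should be_oauth10` then fails; write `if defined?(OAUTH_10_SUPPORT) && OAUTH_10_SUPPORT`, matching `RequestToken#oauth10?`.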
