Initial import, specs are passing but nothing is checked to be actual…
…ly working yet.
Michael Bleigh
committed
Sep 22, 2011
0 parents
commit 61c96ee
Showing
11 changed files
with
319 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
*.gem | ||
*.rbc | ||
.bundle | ||
.config | ||
.yardoc | ||
Gemfile.lock | ||
InstalledFiles | ||
_yardoc | ||
coverage | ||
doc/ | ||
lib/bundler/man | ||
pkg | ||
rdoc | ||
spec/reports | ||
test/tmp | ||
test/version_tmp | ||
tmp |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
--color | ||
--format=progress |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
source 'http://rubygems.org' | ||
|
||
gem 'omniauth', :git => 'git://github.com/intridea/omniauth.git' | ||
gemspec | ||
|
||
group :development, :test do | ||
gem 'guard' | ||
gem 'guard-rspec' | ||
gem 'guard-bundler' | ||
gem 'growl' | ||
gem 'rb-fsevent' | ||
end |
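Review bot: Both fetch locations in this Gemfile are unauthenticated: `source 'http://rubygems.org'` pulls gems over plain HTTP, and `gem 'omniauth', :git => 'git://github.com/intridea/omniauth.git'` uses the git protocol, which provides neither encryption nor server authentication, so anything on the network path can alter what gets installed. Use `source 'https://rubygems.org'` and `:git => 'https://github.com/intridea/omniauth.git'`. The git dependency also follows the default branch; pinning it with `:ref` or `:tag` would make installs reproducible, which matters more here because the ignore list in this commit appears to exclude `Gemfile.lock`.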
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
guard 'rspec', :version => 2 do | ||
watch(%r{^spec/.+_spec\.rb$}) | ||
watch(%r{^lib/(.+)\.rb$}) { |m| "spec/#{m[1]}_spec.rb" } | ||
watch('spec/spec_helper.rb') { "spec" } | ||
end | ||
|
||
|
||
guard 'bundler' do | ||
watch('Gemfile') | ||
watch(/^.+\.gemspec/) | ||
end |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
#!/usr/bin/env rake | ||
require "bundler/gem_tasks" | ||
require 'rspec/core/rake_task' | ||
|
||
desc 'Default: run specs.' | ||
task :default => :spec | ||
|
||
desc "Run specs" | ||
RSpec::Core::RakeTask.new |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
require "omniauth-oauth/version" | ||
require 'omniauth/strategies/oauth' | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
module OmniAuth | ||
module OAuth | ||
VERSION = "1.0.0.alpha" | ||
end | ||
end |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,89 @@ | ||
require 'multi_json' | ||
require 'oauth' | ||
require 'omniauth' | ||
|
||
module OmniAuth | ||
module Strategies | ||
class OAuth | ||
include OmniAuth::Strategy | ||
|
||
def initialize(app, name, consumer_key=nil, consumer_secret=nil, consumer_options={}, options={}, &block) | ||
self.consumer_key = consumer_key | ||
self.consumer_secret = consumer_secret | ||
self.consumer_options = consumer_options | ||
super | ||
self.options[:open_timeout] ||= 30 | ||
self.options[:read_timeout] ||= 30 | ||
self.options[:authorize_params] = options[:authorize_params] || {} | ||
end | ||
|
||
def consumer | ||
consumer = ::OAuth::Consumer.new(consumer_key, consumer_secret, consumer_options.merge(options[:client_options] || options[:consumer_options] || {})) | ||
consumer.http.open_timeout = options[:open_timeout] if options[:open_timeout] | ||
consumer.http.read_timeout = options[:read_timeout] if options[:read_timeout] | ||
consumer | ||
end | ||
|
||
attr_reader :name | ||
attr_accessor :consumer_key, :consumer_secret, :consumer_options | ||
|
||
def request_phase | ||
request_token = consumer.get_request_token(:oauth_callback => callback_url) | ||
session['oauth'] ||= {} | ||
session['oauth'][name.to_s] = {'callback_confirmed' => request_token.callback_confirmed?, 'request_token' => request_token.token, 'request_secret' => request_token.secret} | ||
|
||
if request_token.callback_confirmed? | ||
redirect request_token.authorize_url(options[:authorize_params]) | ||
else | ||
redirect request_token.authorize_url(options[:authorize_params].merge(:oauth_callback => callback_url)) | ||
end | ||
|
||
rescue ::Timeout::Error => e | ||
fail!(:timeout, e) | ||
rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e | ||
fail!(:service_unavailable, e) | ||
end | ||
|
||
def callback_phase | ||
raise OmniAuth::NoSessionError.new("Session Expired") if session['oauth'].nil? | ||
|
||
request_token = ::OAuth::RequestToken.new(consumer, session['oauth'][name.to_s].delete('request_token'), session['oauth'][name.to_s].delete('request_secret')) | ||
|
||
opts = {} | ||
if session['oauth'][name.to_s]['callback_confirmed'] | ||
opts[:oauth_verifier] = request['oauth_verifier'] | ||
else | ||
opts[:oauth_callback] = callback_url | ||
end | ||
|
||
@access_token = request_token.get_access_token(opts) | ||
super | ||
rescue ::Timeout::Error => e | ||
fail!(:timeout, e) | ||
rescue ::Net::HTTPFatalError, ::OpenSSL::SSL::SSLError => e | ||
fail!(:service_unavailable, e) | ||
rescue ::OAuth::Unauthorized => e | ||
fail!(:invalid_credentials, e) | ||
rescue ::NoMethodError, ::MultiJson::DecodeError => e | ||
fail!(:invalid_response, e) | ||
rescue ::OmniAuth::NoSessionError => e | ||
fail!(:session_expired, e) | ||
end | ||
|
||
def auth_hash | ||
OmniAuth::Utils.deep_merge(super, { | ||
'credentials' => { | ||
'token' => @access_token.token, | ||
'secret' => @access_token.secret | ||
}, 'extra' => { | ||
'access_token' => @access_token | ||
} | ||
}) | ||
end | ||
|
||
def unique_id | ||
nil | ||
end | ||
end | ||
end | ||
end |
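Review bot: In `callback_phase` the only session guard is `session['oauth'].nil?`, so a callback that arrives when `session['oauth']` exists but holds no entry for this provider (for example a session that only has another provider's entry) calls `delete` on nil and surfaces as `:invalid_response` through `rescue ::NoMethodError`, a clause that also hides genuine programming errors. Check the per-provider entry as well, `raise OmniAuth::NoSessionError.new("Session Expired") if session['oauth'].nil? || session['oauth'][name.to_s].nil?`, and consider narrowing that rescue. The callback also never compares the `oauth_token` request parameter with the stored `request_token`, and when `callback_confirmed` is false it exchanges the token with no verifier at all, which is the OAuth 1.0 flow without the 1.0a protection against session fixation; that fallback deserves a comment and probably an option to refuse it. `auth_hash` places the token secret and the whole access-token object into the auth hash, so a short comment telling integrators not to log or serialize `omniauth.auth` wholesale would help.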
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
# -*- encoding: utf-8 -*- | ||
require File.expand_path('../lib/omniauth-oauth/version', __FILE__) | ||
|
||
Gem::Specification.new do |gem| | ||
gem.authors = ["Michael Bleigh"] | ||
gem.email = ["michael@intridea.com"] | ||
gem.description = %q{A generic OAuth (1.0/1.0a) strategy for OmniAuth.} | ||
gem.summary = %q{A generic OAuth (1.0/1.0a) strategy for OmniAuth.} | ||
gem.homepage = "https://github.com/intridea/omniauth-oauth" | ||
|
||
gem.add_runtime_dependency 'omniauth', '~> 1.0.0.alpha' | ||
gem.add_runtime_dependency 'oauth' | ||
gem.add_development_dependency 'rspec', '~> 2.6' | ||
gem.add_development_dependency 'webmock' | ||
gem.add_development_dependency 'simplecov' | ||
gem.add_development_dependency 'rack-test' | ||
|
||
gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) } | ||
gem.files = `git ls-files`.split("\n") | ||
gem.test_files = `git ls-files -- {test,spec,features}/*`.split("\n") | ||
gem.name = "omniauth-oauth" | ||
gem.require_paths = ["lib"] | ||
gem.version = OmniAuth::OAuth::VERSION | ||
end |
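Review bot: The strategy added in this commit requires `multi_json` and rescues `::MultiJson::DecodeError`, but the gemspec does not declare it, so it loads only if another dependency happens to pull it in; add `gem.add_runtime_dependency 'multi_json'`. `gem.add_runtime_dependency 'oauth'` also carries no version constraint, so any future release of the library that performs the request signing and token exchange will satisfy it. A pessimistic constraint on the version the specs were run against, `gem.add_runtime_dependency 'oauth', '~> <TESTED_VERSION>'` (placeholder), would keep an incompatible or unexpected release from being resolved silently.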
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,131 @@ | ||
require 'spec_helper' | ||
|
||
describe "OmniAuth::Strategies::OAuth" do | ||
|
||
def app | ||
Rack::Builder.new { | ||
use OmniAuth::Test::PhonySession | ||
use OmniAuth::Builder do | ||
provider :oauth, 'example.org', 'abc', 'def', :site => 'https://api.example.org' | ||
provider :oauth, 'example.org_with_authorize_params', 'abc', 'def', { :site => 'https://api.example.org' }, :authorize_params => {:abc => 'def'} | ||
end | ||
run lambda { |env| [404, {'Content-Type' => 'text/plain'}, [env.key?('omniauth.auth').to_s]] } | ||
}.to_app | ||
end | ||
|
||
def session | ||
last_request.env['rack.session'] | ||
end | ||
|
||
before do | ||
stub_request(:post, 'https://api.example.org/oauth/request_token'). | ||
to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret&oauth_callback_confirmed=true") | ||
end | ||
|
||
describe '/auth/{name}' do | ||
context 'successful' do | ||
before do | ||
get '/auth/example.org' | ||
end | ||
it 'should redirect to authorize_url' do | ||
last_response.should be_redirect | ||
last_response.headers['Location'].should == 'https://api.example.org/oauth/authorize?oauth_token=yourtoken' | ||
end | ||
|
||
it 'should redirect to authorize_url with authorize_params when set' do | ||
get '/auth/example.org_with_authorize_params' | ||
last_response.should be_redirect | ||
[ | ||
'https://api.example.org/oauth/authorize?abc=def&oauth_token=yourtoken', | ||
'https://api.example.org/oauth/authorize?oauth_token=yourtoken&abc=def' | ||
].should be_include(last_response.headers['Location']) | ||
end | ||
|
||
it 'should set appropriate session variables' do | ||
session['oauth'].should == {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}} | ||
end | ||
end | ||
|
||
context 'unsuccessful' do | ||
before do | ||
stub_request(:post, 'https://api.example.org/oauth/request_token'). | ||
to_raise(::Net::HTTPFatalError.new(%Q{502 "Bad Gateway"}, nil)) | ||
get '/auth/example.org' | ||
end | ||
|
||
it 'should call fail! with :service_unavailable' do | ||
last_request.env['omniauth.error'].should be_kind_of(::Net::HTTPFatalError) | ||
last_request.env['omniauth.error.type'] = :service_unavailable | ||
end | ||
|
||
context "SSL failure" do | ||
before do | ||
stub_request(:post, 'https://api.example.org/oauth/request_token'). | ||
to_raise(::OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed")) | ||
get '/auth/example.org' | ||
end | ||
|
||
it 'should call fail! with :service_unavailable' do | ||
last_request.env['omniauth.error'].should be_kind_of(::OpenSSL::SSL::SSLError) | ||
last_request.env['omniauth.error.type'] = :service_unavailable | ||
end | ||
end | ||
end | ||
end | ||
|
||
describe '/auth/{name}/callback' do | ||
before do | ||
stub_request(:post, 'https://api.example.org/oauth/access_token'). | ||
to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret") | ||
get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {'oauth' => {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}}} | ||
end | ||
|
||
it 'should exchange the request token for an access token' do | ||
last_request.env['omniauth.auth']['provider'].should == 'example.org' | ||
last_request.env['omniauth.auth']['extra']['access_token'].should be_kind_of(OAuth::AccessToken) | ||
end | ||
|
||
it 'should call through to the master app' do | ||
last_response.body.should == 'true' | ||
end | ||
|
||
context "bad gateway (or any 5xx) for access_token" do | ||
before do | ||
stub_request(:post, 'https://api.example.org/oauth/access_token'). | ||
to_raise(::Net::HTTPFatalError.new(%Q{502 "Bad Gateway"}, nil)) | ||
get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {'oauth' => {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}}} | ||
end | ||
|
||
it 'should call fail! with :service_unavailable' do | ||
last_request.env['omniauth.error'].should be_kind_of(::Net::HTTPFatalError) | ||
last_request.env['omniauth.error.type'] = :service_unavailable | ||
end | ||
end | ||
|
||
context "SSL failure" do | ||
before do | ||
stub_request(:post, 'https://api.example.org/oauth/access_token'). | ||
to_raise(::OpenSSL::SSL::SSLError.new("SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed")) | ||
get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {'oauth' => {"example.org" => {'callback_confirmed' => true, 'request_token' => 'yourtoken', 'request_secret' => 'yoursecret'}}}} | ||
end | ||
|
||
it 'should call fail! with :service_unavailable' do | ||
last_request.env['omniauth.error'].should be_kind_of(::OpenSSL::SSL::SSLError) | ||
last_request.env['omniauth.error.type'] = :service_unavailable | ||
end | ||
end | ||
end | ||
|
||
describe '/auth/{name}/callback with expired session' do | ||
before do | ||
stub_request(:post, 'https://api.example.org/oauth/access_token'). | ||
to_return(:body => "oauth_token=yourtoken&oauth_token_secret=yoursecret") | ||
get '/auth/example.org/callback', {:oauth_verifier => 'dudeman'}, {'rack.session' => {}} | ||
end | ||
|
||
it 'should call fail! with :session_expired' do | ||
last_request.env['omniauth.error'].should be_kind_of(::OmniAuth::NoSessionError) | ||
last_request.env['omniauth.error.type'] = :session_expired | ||
end | ||
end | ||
end |
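Review bot: Every `should call fail! with ...` example ends with `last_request.env['omniauth.error.type'] = :service_unavailable` (or `= :session_expired`), which is an assignment rather than an expectation, so the error type that `fail!` reports is never checked and these examples would pass with any type. Replace each with `last_request.env['omniauth.error.type'].should == :service_unavailable`, and `.should == :session_expired` in the expired-session example. The suite also has no example for the branch where `callback_confirmed` is false, nor for a callback whose session has `'oauth'` set but no entry for the provider, which are the two paths in `callback_phase` most likely to misbehave.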
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
$:.unshift File.expand_path('..', __FILE__) | ||
$:.unshift File.expand_path('../../lib', __FILE__) | ||
require 'simplecov' | ||
SimpleCov.start | ||
require 'rspec' | ||
require 'rack/test' | ||
require 'webmock/rspec' | ||
require 'omniauth' | ||
require 'omniauth-oauth' | ||
|
||
RSpec.configure do |config| | ||
config.include WebMock::API | ||
config.include Rack::Test::Methods | ||
config.extend OmniAuth::Test::StrategyMacros, :type => :strategy | ||
end | ||
|