
got rid of oauth_controller_spec and it's spec helpers.

The goal is to test as much as possible in the gem so it's less
intrusive in your apps.
commit 6e24ec0ee2f3dc871756b2e8a75fa2181ff504f4 1 parent b08be7b
Pelle Braendgaard authored
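--- a/generators/oauth_provider/oauth_provider_generator.rb
+++ b/generators/oauth_provider/oauth_provider_generator.rb
@@ -73,8 +73,6 @@ def manifest
         m.template 'client_applications.yml',File.join('spec/fixtures',"client_applications.yml")
         m.template 'oauth_tokens.yml',    File.join('spec/fixtures',"oauth_tokens.yml")
         m.template 'oauth_nonces.yml',    File.join('spec/fixtures',"oauth_nonces.yml")
-        m.template 'controller_spec_helper.rb', File.join('spec/controllers', controller_class_path,"#{controller_file_name}_controller_spec_helper.rb")
-        m.template 'controller_spec.rb',File.join('spec/controllers',controller_class_path,"#{controller_file_name}_controller_spec.rb")      
         m.template 'clients_controller_spec.rb',File.join('spec/controllers',controller_class_path,"#{controller_file_name}_clients_controller_spec.rb")
       else
         m.directory File.join('test')
@@ -87,8 +85,6 @@ def manifest
         m.template 'client_applications.yml',File.join('test/fixtures',"client_applications.yml")
         m.template 'oauth_tokens.yml',    File.join('test/fixtures',"oauth_tokens.yml")
         m.template 'oauth_nonces.yml',    File.join('test/fixtures',"oauth_nonces.yml")
-        m.template 'controller_test_helper.rb', File.join('test', controller_class_path,"#{controller_file_name}_controller_test_helper.rb")
-        m.template 'controller_test.rb',File.join('test/functional',controller_class_path,"#{controller_file_name}_controller_test.rb")
         m.template 'clients_controller_test.rb',File.join('test/functional',controller_class_path,"#{controller_file_name}_clients_controller_test.rb")
       end
       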
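Review bot: The generator still emits `clients_controller_spec.rb` (new line 76) and `clients_controller_test.rb` (new line 88) after the helper templates next to them were dropped. If either template still requires or includes the removed helper, as the deleted `controller_spec.rb` did with `oauth_controller_spec_helper`, a freshly generated app will fail to load its clients controller tests, so both templates should be checked in this commit. The deleted generated specs were also where a host app exercised the rejection paths of its own OauthController (wrong `client_secret`, mismatched `redirect_url`, a request token answered with 401). I would add a comment above these template lines, for example `# OauthController behaviour is covered by the gem's own specs; add app-level specs if you override it`, and confirm the gem-side specs cover those negative cases. `manifest` begins and ends outside both hunks.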
838  generators/oauth_provider/templates/controller_spec.rb
... ...
@@ -1,838 +0,0 @@
1  
-require File.dirname(__FILE__) + '/../spec_helper'
2  
-require File.dirname(__FILE__) + '/oauth_controller_spec_helper'
3  
-
4  
-describe OauthController do 
5  
-  if defined?(Devise)
6  
-    include Devise::TestHelpers
7  
-  end  
8  
-  include OAuthControllerSpecHelper
9  
-  fixtures :client_applications, :oauth_tokens, :users
10  
-  describe "getting a request token" do
11  
-    before(:each) do
12  
-      sign_request_with_oauth
13  
-      ClientApplication.stub!(:find_by_key).and_return(current_client_application)
14  
-    end
15  
-  
16  
-    def do_get
17  
-      get :request_token
18  
-    end
19  
-  
20  
-    it "should be successful" do
21  
-      do_get
22  
-      response.should be_success
23  
-    end
24  
-  
25  
-    it "should query for client_application" do
26  
-      ClientApplication.should_receive(:find_by_key).with(current_client_application.key).and_return(current_client_application)
27  
-      do_get
28  
-    end
29  
-  
30  
-    it "should request token from client_application" do
31  
-      current_client_application.should_receive(:create_request_token).and_return(request_token)
32  
-      do_get
33  
-    end
34  
-  
35  
-    it "should return token string" do
36  
-      do_get
37  
-      response.body.should==RequestToken.last.to_query
38  
-    end
39  
-  
40  
-    it "should not set token_callback_url" do
41  
-      current_client_application.should_not_receive(:token_callback_url=)
42  
-      do_get
43  
-    end
44  
-  end
45  
-
46  
-  describe "getting a request token passing a oauth_callback url" do
47  
-    before(:each) do
48  
-      sign_request_with_oauth nil, {:oauth_callback=>"http://test.com/alternative_callback"}
49  
-      ClientApplication.stub!(:find_by_key).and_return(current_client_application)
50  
-    end
51  
-  
52  
-    def do_get
53  
-      get :request_token
54  
-    end
55  
-  
56  
-    it "should be successful" do
57  
-      do_get
58  
-      response.should be_success
59  
-    end
60  
-  
61  
-    it "should query for client_application" do
62  
-      ClientApplication.should_receive(:find_by_key).with(current_client_application.key).and_return(current_client_application)
63  
-      do_get
64  
-    end
65  
-  
66  
-    it "should request token from client_application" do
67  
-      current_client_application.should_receive(:create_request_token).and_return(request_token)
68  
-      do_get
69  
-    end
70  
-  
71  
-    it "should return token string" do
72  
-      do_get
73  
-      response.body.should==RequestToken.last.to_query
74  
-    end
75  
-  
76  
-    it "should set token_callback_url with received oauth_callback" do
77  
-      current_client_application.should_receive(:token_callback_url=).with("http://test.com/alternative_callback")
78  
-      do_get
79  
-    end
80  
-  end
81  
-
82  
-  describe "10a token authorization" do
83  
-    before(:each) do
84  
-      login
85  
-      RequestToken.stub!(:find_by_token).and_return(request_token)
86  
-    end
87  
-  
88  
-    def do_get
89  
-      get :authorize, :oauth_token => request_token.token
90  
-    end
91  
-  
92  
-    it "should show authorize page" do
93  
-      do_get
94  
-      response.should render_template("authorize")
95  
-    end
96  
-
97  
-    it "should authorize token" do
98  
-      request_token.should_not_receive(:authorize!).with(current_user)
99  
-      do_get      
100  
-    end
101  
-
102  
-    it "should redirect if token is invalidated" do
103  
-      request_token.invalidate!
104  
-      do_get
105  
-      response.should render_template("authorize_failure")
106  
-    end
107  
-  
108  
-  end
109  
-
110  
-  describe "10a token authorization" do
111  
-    before(:each) do
112  
-      login
113  
-      RequestToken.stub!(:find_by_token).and_return(request_token)
114  
-    end
115  
-  
116  
-    def do_post
117  
-      post :authorize, :oauth_token => request_token.token, :authorize=>1
118  
-    end
119  
-  
120  
-    it "should redirect to default callback" do
121  
-      do_post
122  
-      response.should be_redirect
123  
-      response.should redirect_to("http://application/callback?oauth_token=#{request_token.token}&oauth_verifier=#{request_token.verifier}")
124  
-    end
125  
-
126  
-    it "should authorize token" do
127  
-      request_token.should_receive(:authorize!).with(current_user)
128  
-      do_post      
129  
-    end
130  
-
131  
-    it "should redirect if token is invalidated" do
132  
-      request_token.invalidate!
133  
-      do_post
134  
-      response.should render_template("authorize_failure")
135  
-    end
136  
-  
137  
-  end
138  
-
139  
-  describe "2.0 authorization code flow" do
140  
-    before(:each) do
141  
-      login
142  
-    end
143  
-
144  
-    describe "authorize redirect" do
145  
-      before(:each) do
146  
-        get :authorize, :response_type=>"code",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback"
147  
-      end
148  
-      
149  
-      it "should render authorize" do
150  
-        response.should render_template("oauth2_authorize")
151  
-      end
152  
-      
153  
-      it "should not create token" do
154  
-        Oauth2Verifier.last.should be_nil
155  
-      end
156  
-    end
157  
-    
158  
-    describe "authorize" do
159  
-      before(:each) do
160  
-        post :authorize, :response_type=>"code",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>1
161  
-        @verification_token = Oauth2Verifier.last
162  
-        @oauth2_token_count= Oauth2Token.count
163  
-      end
164  
-      subject { @verification_token }
165  
-      
166  
-      it { should_not be_nil }
167  
-      it "should set user on verification token" do 
168  
-        @verification_token.user.should==current_user
169  
-      end
170  
-      
171  
-      it "should set redirect_url" do
172  
-        @verification_token.redirect_url.should == "http://application/callback"
173  
-      end
174  
-      
175  
-      it "should redirect to default callback" do
176  
-        response.should be_redirect
177  
-        response.should redirect_to("http://application/callback?code=#{@verification_token.code}")
178  
-      end
179  
-      
180  
-      describe "get token" do
181  
-        before(:each) do
182  
-          post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :redirect_url=>"http://application/callback",:code=>@verification_token.code
183  
-          @token = Oauth2Token.last
184  
-        end
185  
-        
186  
-        subject { @token }
187  
-        
188  
-        it { should_not be_nil }
189  
-        it { should be_authorized }
190  
-        it "should have added a new token" do
191  
-          Oauth2Token.count.should==@oauth2_token_count+1
192  
-        end
193  
-        
194  
-        it "should set user to current user" do
195  
-          @token.user.should==current_user
196  
-        end
197  
-        
198  
-        it "should return json token" do
199  
-          JSON.parse(response.body).should=={"access_token"=>@token.token}
200  
-        end
201  
-      end
202  
-
203  
-      describe "get token with wrong secret" do
204  
-        before(:each) do
205  
-          post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>"fake", :redirect_url=>"http://application/callback",:code=>@verification_token.code
206  
-        end
207  
-        
208  
-        it "should not create token" do
209  
-          Oauth2Token.count.should==@oauth2_token_count
210  
-        end
211  
-         
212  
-        it "should return incorrect_client_credentials error" do
213  
-          JSON.parse(response.body).should == {"error"=>"invalid_client"}
214  
-        end
215  
-      end
216  
-      
217  
-      describe "get token with wrong code" do
218  
-        before(:each) do
219  
-          post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :redirect_url=>"http://application/callback",:code=>"fake"
220  
-        end
221  
-
222  
-        it "should not create token" do
223  
-          Oauth2Token.count.should==@oauth2_token_count
224  
-        end
225  
-
226  
-        it "should return incorrect_client_credentials error" do
227  
-          JSON.parse(response.body).should == {"error"=>"invalid_grant"}
228  
-        end
229  
-      end
230  
-
231  
-      describe "get token with wrong redirect_url" do
232  
-        before(:each) do
233  
-          post :token, :grant_type=>"authorization_code", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :redirect_url=>"http://evil/callback",:code=>@verification_token.code
234  
-        end
235  
-
236  
-        it "should not create token" do
237  
-          Oauth2Token.count.should==@oauth2_token_count
238  
-        end
239  
-
240  
-        it "should return incorrect_client_credentials error" do
241  
-          JSON.parse(response.body).should == {"error"=>"invalid_grant"}
242  
-        end
243  
-      end
244  
-
245  
-    end
246  
-
247  
-    describe "deny" do
248  
-      before(:each) do
249  
-        post :authorize, :response_type=>"code", :client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>0
250  
-      end
251  
-
252  
-      it { Oauth2Verifier.last.should be_nil }
253  
-
254  
-      it "should redirect to default callback" do
255  
-        response.should be_redirect
256  
-        response.should redirect_to("http://application/callback?error=user_denied")
257  
-      end      
258  
-    end
259  
-
260  
-  end
261  
-    
262  
-
263  
-  describe "2.0 authorization token flow" do
264  
-    before(:each) do
265  
-      login
266  
-      current_client_application # load up so it creates its own token
267  
-      @oauth2_token_count= Oauth2Token.count
268  
-    end
269  
-
270  
-    describe "authorize redirect" do
271  
-      before(:each) do
272  
-        get :authorize, :response_type=>"token",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback"
273  
-      end
274  
-
275  
-      it "should render authorize" do
276  
-        response.should render_template("oauth2_authorize")
277  
-      end
278  
-
279  
-      it "should not create token" do
280  
-        Oauth2Verifier.last.should be_nil
281  
-      end
282  
-    end
283  
-
284  
-    describe "authorize" do
285  
-      before(:each) do
286  
-        post :authorize, :response_type=>"token",:client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>1
287  
-        @token = Oauth2Token.last
288  
-      end
289  
-      subject { @token }
290  
-      it "should redirect to default callback" do
291  
-        response.should be_redirect
292  
-        response.should redirect_to("http://application/callback?access_token=#{@token.token}")
293  
-      end
294  
-      
295  
-      it "should not have a scope" do
296  
-        @token.scope.should be_nil
297  
-      end
298  
-      it { should_not be_nil }
299  
-      it { should be_authorized }
300  
-      
301  
-      it "should set user to current user" do
302  
-        @token.user.should==current_user
303  
-      end
304  
-      
305  
-      it "should have added a new token" do
306  
-        Oauth2Token.count.should==@oauth2_token_count+1
307  
-      end
308  
-    end
309  
-    
310  
-    describe "deny" do
311  
-      before(:each) do
312  
-        post :authorize, :response_type=>"token", :client_id=>current_client_application.key, :redirect_url=>"http://application/callback",:authorize=>0
313  
-      end
314  
-      
315  
-      it { Oauth2Verifier.last.should be_nil }
316  
-
317  
-      it "should redirect to default callback" do
318  
-        response.should be_redirect
319  
-        response.should redirect_to("http://application/callback?error=user_denied")
320  
-      end      
321  
-    end
322  
-  end
323  
-  
324  
-  describe "oauth2 token for autonomous client_application" do
325  
-    before(:each) do
326  
-      current_client_application
327  
-      @oauth2_token_count = Oauth2Token.count
328  
-      post :token, :grant_type=>"none", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret
329  
-      @token = Oauth2Token.last
330  
-    end
331  
-    
332  
-    subject { @token }
333  
-    
334  
-    it { should_not be_nil }
335  
-    it { should be_authorized }
336  
-    it "should set user to client_applications user" do
337  
-      @token.user.should==current_client_application.user
338  
-    end
339  
-    it "should have added a new token" do
340  
-      Oauth2Token.count.should==@oauth2_token_count+1
341  
-    end
342  
-    
343  
-    it "should return json token" do
344  
-      JSON.parse(response.body).should=={"access_token"=>@token.token}
345  
-    end
346  
-  end
347  
-  
348  
-  describe "oauth2 token for autonomous client_application with invalid client credentials" do
349  
-    before(:each) do
350  
-      current_client_application
351  
-      @oauth2_token_count = Oauth2Token.count
352  
-      post :token, :grant_type=>"none", :client_id=>current_client_application.key,:client_secret=>"bad"
353  
-    end
354  
-    
355  
-    subject { @token }
356  
-    
357  
-    it "should not have added a new token" do
358  
-      Oauth2Token.count.should==@oauth2_token_count
359  
-    end
360  
-    
361  
-    it "should return json token" do
362  
-      JSON.parse(response.body).should=={"error"=>"invalid_client"}
363  
-    end
364  
-  end
365  
-  
366  
-  
367  
-  describe "oauth2 token for basic credentials" do
368  
-    before(:each) do
369  
-      current_client_application
370  
-      @oauth2_token_count = Oauth2Token.count
371  
-      post :token, :grant_type=>"password", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :username=>current_user.login, :password=>"password"
372  
-      @token = Oauth2Token.last
373  
-    end
374  
-    
375  
-    subject { @token }
376  
-    
377  
-    it { should_not be_nil }
378  
-    it { should be_authorized }
379  
-    it "should set user to client_applications user" do
380  
-      @token.user.should==current_user
381  
-    end
382  
-    it "should have added a new token" do
383  
-      Oauth2Token.count.should==@oauth2_token_count+1
384  
-    end
385  
-    
386  
-    it "should return json token" do
387  
-      JSON.parse(response.body).should=={"access_token"=>@token.token}
388  
-    end
389  
-  end
390  
-
391  
-  describe "oauth2 token for basic credentials with wrong password" do
392  
-    before(:each) do
393  
-      current_client_application
394  
-      @oauth2_token_count = Oauth2Token.count
395  
-      post :token, :grant_type=>"password", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :username=>current_user.login, :password=>"bad"
396  
-    end
397  
-    
398  
-    it "should not have added a new token" do
399  
-      Oauth2Token.count.should==@oauth2_token_count
400  
-    end
401  
-    
402  
-    it "should return json token" do
403  
-      JSON.parse(response.body).should=={"error"=>"invalid_grant"}
404  
-    end
405  
-  end
406  
-  
407  
-  describe "oauth2 token for basic credentials with unknown user" do
408  
-    before(:each) do
409  
-      current_client_application
410  
-      @oauth2_token_count = Oauth2Token.count
411  
-      post :token, :grant_type=>"password", :client_id=>current_client_application.key,:client_secret=>current_client_application.secret, :username=>"non existent", :password=>"password"
412  
-    end
413  
-    
414  
-    it "should not have added a new token" do
415  
-      Oauth2Token.count.should==@oauth2_token_count
416  
-    end
417  
-    
418  
-    it "should return json token" do
419  
-      JSON.parse(response.body).should=={"error"=>"invalid_grant"}
420  
-    end
421  
-  end
422  
-
423  
-  describe "getting an access token" do
424  
-    before(:each) do
425  
-      request_token.authorize!(current_user)
426  
-      request_token.reload
427  
-      sign_request_with_oauth consumer_request_token, :oauth_verifier=>request_token.verifier
428  
-    end
429  
-  
430  
-    def do_get
431  
-      post :access_token
432  
-    end
433  
-    
434  
-    it "should have a verifier" do
435  
-      request_token.verifier.should_not be_nil
436  
-    end
437  
-    
438  
-    it "should be authorized" do
439  
-      request_token.should be_authorized
440  
-    end
441  
-    
442  
-    it "should be successful" do
443  
-      do_get
444  
-      response.should be_success
445  
-    end
446  
-  
447  
-    it "should request token from client_application" do
448  
-      controller.stub!(:current_token).and_return(request_token)
449  
-      request_token.should_receive(:exchange!).and_return(access_token)
450  
-      do_get
451  
-    end
452  
-  
453  
-    it "should return token string" do
454  
-      do_get
455  
-      response.body.should == AccessToken.last.to_query
456  
-    end
457  
-    
458  
-    describe "access token" do
459  
-      before(:each) do
460  
-        do_get
461  
-        access_token=AccessToken.last
462  
-      end
463  
-      
464  
-      it "should have user set" do
465  
-        access_token.user.should==current_user
466  
-      end
467  
-      
468  
-      it "should be authorized" do
469  
-        access_token.should be_authorized
470  
-      end
471  
-    end
472  
-  end
473  
-  
474  
-  describe "invalidate" do
475  
-    before(:each) do
476  
-      sign_request_with_oauth access_token
477  
-      get :invalidate
478  
-    end
479  
-
480  
-    it "should be a success" do
481  
-      response.code.should=="410"
482  
-    end
483  
-  end
484  
-  
485  
-end
486  
-
487  
-class OauthorizedController<ApplicationController
488  
-  before_filter :login_required,                               :only => :interactive
489  
-  oauthenticate                                                :only => :all
490  
-  oauthenticate :strategies=>:token,                           :only=>:interactive_and_token
491  
-  oauthenticate :strategies=>:two_legged,                      :only=>:interactive_and_two_legged
492  
-  oauthenticate :interactive=>false,                           :only=>:no_interactive
493  
-  oauthenticate :interactive=>false, :strategies=>:token,      :only=>:token
494  
-  oauthenticate :interactive=>false, :strategies=>:two_legged, :only=>:two_legged
495  
-  before_filter :oauth_required,                               :only=>:token_legacy
496  
-  before_filter :login_or_oauth_required,                      :only=>:both_legacy
497  
-  
498  
-  def interactive
499  
-    head :ok
500  
-  end
501  
-  
502  
-  def all
503  
-    head :ok
504  
-  end
505  
-  
506  
-  def token
507  
-    head :ok
508  
-  end
509  
-
510  
-  def interactive_and_token
511  
-    head :ok
512  
-  end
513  
-  
514  
-  def interactive_and_two_legged
515  
-    head :ok
516  
-  end
517  
-  
518  
-  def two_legged
519  
-    head :ok
520  
-  end
521  
-  
522  
-  def token_legacy
523  
-    head :ok
524  
-  end
525  
-  
526  
-  def both_legacy
527  
-    head :ok
528  
-  end
529  
-end
530  
-
531  
-describe OauthorizedController, " access control" do
532  
-  fixtures :client_applications, :oauth_tokens, :users
533  
-  if defined?(Devise)
534  
-    include Devise::TestHelpers
535  
-  end
536  
-  include OAuthControllerSpecHelper
537  
-  
538  
-  it "should return false for oauth? by default" do
539  
-    controller.send(:oauth?).should == false
540  
-  end
541  
-
542  
-  it "should return nil for current_token  by default" do
543  
-    controller.send(:current_token).should be_nil
544  
-  end
545  
-  
546  
-  describe "oauth 10a" do
547  
-
548  
-    describe "request token signed" do
549  
-      before(:each) do
550  
-        sign_request_with_oauth(request_token)
551  
-      end
552  
-      
553  
-      it "should disallow oauth using RequestToken when using oauth_required" do
554  
-        get :token
555  
-        response.code.should == '401'
556  
-      end
557  
-    end
558  
-    
559  
-    describe "access token signed" do
560  
-      before(:each) do
561  
-        sign_request_with_oauth(access_token)
562  
-      end
563  
-      
564  
-      [:interactive,:two_legged,:interactive_and_two_legged].each do |action|
565  
-        describe "accessing #{action.to_s.humanize}" do
566  
-          before(:each) do
567  
-            get action
568  
-          end
569  
-          
570  
-          it "should not be a success" do
571  
-            response.should_not be_success
572  
-          end
573  
-          
574  
-          it "should not set current_token" do
575  
-            controller.send(:current_token).should be_nil
576  
-          end
577  
-
578  
-          it "should not set current_client_application" do
579  
-            controller.send(:current_client_application).should be_nil
580  
-          end
581  
-
582  
-          it "should not set current_user" do
583  
-            controller.send(:current_user).should be_nil
584  
-          end
585  
-        end        
586  
-      end
587  
-      
588  
-      [:token,:interactive_and_token,:all,:token_legacy,:both_legacy].each do |action|
589  
-        describe "accessing #{action.to_s.humanize}" do
590  
-          before(:each) do
591  
-            get action
592  
-          end
593  
-          
594  
-          it "should not be a success" do
595  
-            response.should be_success
596  
-          end
597  
-          
598  
-          it "should set current_token" do
599  
-            controller.send(:current_token).should == access_token
600  
-          end
601  
-
602  
-          it "should set current_client_application" do
603  
-            controller.send(:current_client_application).should == current_client_application
604  
-          end
605  
-
606  
-          it "should set current_user" do
607  
-            controller.send(:current_user).should == current_user
608  
-          end
609  
-        end        
610  
-      end
611  
-    end
612  
-
613  
-    describe "2 legged" do
614  
-      before(:each) do
615  
-        two_legged_sign_request_with_oauth(current_consumer)
616  
-      end
617  
-      
618  
-      [:token,:interactive_and_token,:interactive,:token_legacy,:both_legacy].each do |action|
619  
-        describe "accessing #{action.to_s.humanize}" do
620  
-          before(:each) do
621  
-            get action
622  
-          end
623  
-          
624  
-          it "should not be a success" do
625  
-            response.should_not be_success
626  
-          end
627  
-          
628  
-          it "should not set current_token" do
629  
-            controller.send(:current_token).should be_nil
630  
-          end
631  
-
632  
-          it "should not set current_client_application" do
633  
-            controller.send(:current_client_application).should be_nil
634  
-          end
635  
-
636  
-          it "should not set current_user" do
637  
-            controller.send(:current_user).should be_nil
638  
-          end
639  
-        end        
640  
-      end
641  
-      
642  
-      [:two_legged,:interactive_and_two_legged,:all].each do |action|
643  
-        describe "accessing #{action.to_s.humanize}" do
644  
-          before(:each) do
645  
-            get action
646  
-          end
647  
-          
648  
-          it "should not be a success" do
649  
-            response.should be_success
650  
-          end
651  
-          
652  
-          it "should not set current_token" do
653  
-            controller.send(:current_token).should be_nil
654  
-          end
655  
-
656  
-          it "should set current_client_application" do
657  
-            controller.send(:current_client_application).should == current_client_application
658  
-          end
659  
-
660  
-          it "should set current_user" do
661  
-            controller.send(:current_user).should == current_client_application.user
662  
-          end
663  
-        end        
664  
-      end
665  
-    end
666  
-
667  
-  end
668  
-
669  
-  describe "oauth 2.0" do
670  
-    before(:each) do
671  
-      @access_token = Oauth2Token.create :user=>current_user, :client_application=>current_client_application
672  
-      @client_application = @access_token.client_application
673  
-    end
674  
-    describe "authorize header" do
675  
-      before(:each) do
676  
-        add_oauth2_token_header(access_token)
677  
-      end
678  
-      
679  
-      it "should include headers" do
680  
-        get :interactive_and_token
681  
-        ActionController::HttpAuthentication::Basic.authorization(request).should == "OAuth #{access_token.token}"
682  
-      end
683  
-      
684  
-      [:interactive,:two_legged,:interactive_and_two_legged,:token_legacy,:both_legacy].each do |action|
685  
-        describe "accessing #{action.to_s.humanize}" do
686  
-          before(:each) do
687  
-            get action
688  
-          end
689  
-          
690  
-          it "should not be a success" do
691  
-            response.should_not be_success
692  
-          end
693  
-          
694  
-          it "should not set current_token" do
695  
-            controller.send(:current_token).should be_nil
696  
-          end
697  
-
698  
-          it "should not set current_client_application" do
699  
-            controller.send(:current_client_application).should be_nil
700  
-          end
701  
-
702  
-          it "should not set current_user" do
703  
-            controller.send(:current_user).should be_nil
704  
-          end
705  
-        end        
706  
-      end
707  
-      
708  
-      [:token,:interactive_and_token,:all].each do |action|
709  
-        describe "accessing #{action.to_s.humanize}" do
710  
-          before(:each) do
711  
-            get action
712  
-          end
713  
-          
714  
-          it "should not be a success" do
715  
-            response.should be_success
716  
-          end
717  
-          
718  
-          it "should set current_token" do
719  
-            controller.send(:current_token).should == access_token
720  
-          end
721  
-
722  
-          it "should set current_client_application" do
723  
-            controller.send(:current_client_application).should == current_client_application
724  
-          end
725  
-
726  
-          it "should set current_user" do
727  
-            controller.send(:current_user).should == current_user
728  
-          end
729  
-        end        
730  
-      end
731  
-    end
732  
-
733  
-    describe "query string" do
734  
-      [:interactive,:two_legged,:interactive_and_two_legged,:token_legacy,:both_legacy].each do |action|
735  
-        describe "accessing #{action.to_s.humanize}" do
736  
-          before(:each) do
737  
-            get action, :oauth_token=>access_token.token
738  
-          end
739  
-          
740  
-          it "should not be a success" do
741  
-            response.should_not be_success
742  
-          end
743  
-          
744  
-          it "should not set current_token" do
745  
-            controller.send(:current_token).should be_nil
746  
-          end
747  
-
748  
-          it "should not set current_client_application" do
749  
-            controller.send(:current_client_application).should be_nil
750  
-          end
751  
-
752  
-          it "should not set current_user" do
753  
-            controller.send(:current_user).should be_nil
754  
-          end
755  
-        end        
756  
-      end
757  
-      
758  
-      [:token,:interactive_and_token,:all].each do |action|
759  
-        describe "accessing #{action.to_s.humanize}" do
760  
-          before(:each) do
761  
-            get action, :oauth_token=>access_token.token
762  
-          end
763  
-          
764  
-          it "should not be a success" do
765  
-            response.should be_success
766  
-          end
767  
-          
768  
-          it "should set current_token" do
769  
-            controller.send(:current_token).should == access_token
770  
-          end
771  
-
772  
-          it "should set current_client_application" do
773  
-            controller.send(:current_client_application).should == current_client_application
774  
-          end
775  
-
776  
-          it "should set current_user" do
777  
-            controller.send(:current_user).should == current_user
778  
-          end
779  
-        end        
780  
-      end
781  
-
782  
-    end
783  
-
784  
-  end
785  
-
786  
-  describe "logged in user" do
787  
-    before(:each) do
788  
-      login
789  
-    end
790  
-    
791  
-    
792  
-    [:token,:two_legged,:token_legacy].each do |action|
793  
-      describe "accessing #{action.to_s.humanize}" do
794  
-        before(:each) do
795  
-          get action, :oauth_token=>access_token.token
796  
-        end
797  
-        
798  
-        it "should not be a success" do
799  
-          response.should_not be_success
800  
-        end
801  
-        
802  
-        it "should not set current_token" do
803  
-          controller.send(:current_token).should be_nil
804  
-        end
805  
-
806  
-        it "should not set current_client_application" do
807  
-          controller.send(:current_client_application).should be_nil
808  
-        end
809  
-
810  
-      end        
811  
-    end
812  
-    
813  
-    [:interactive,:interactive_and_two_legged,:interactive_and_token,:all,:both_legacy].each do |action|
814  
-      describe "accessing #{action.to_s.humanize}" do
815  
-        before(:each) do
816  
-          get action, :oauth_token=>access_token.token
817  
-        end
818  
-        
819  
-        it "should not be a success" do
820  
-          response.should be_success
821  
-        end
822  
-        
823  
-        it "should not set current_token" do
824  
-          controller.send(:current_token).should be_nil
825  
-        end
826  
-
827  
-        it "should not set current_client_application" do
828  
-          controller.send(:current_client_application).should be_nil
829  
-        end
830  
-
831  
-        it "should set current_user" do
832  
-          controller.send(:current_user).should == current_user
833  
-        end
834  
-      end        
835  
-    end
836  
-  end
837  
-end
838  
-
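--- a/generators/oauth_provider/templates/controller_spec_helper.rb
+++ b/generators/oauth_provider/templates/controller_spec_helper.rb
@@ -1,66 +0,0 @@
-require 'oauth/client/action_controller_request'
-module OAuthControllerSpecHelper
-  
-  def current_user
-    @user||=users(:aaron)
-  end
-
-  def current_client_application
-    @client_application||=client_applications(:one)
-  end
-  
-  def access_token
-    @access_token||=AccessToken.create :user=>current_user,:client_application=>current_client_application
-  end
-  
-  def request_token
-    @request_token||=RequestToken.create :client_application=>current_client_application, :callback_url=>"http://application/callback"
-  end
-  
-  def consumer_request_token
-    OAuth::RequestToken.new current_consumer,request_token.token,request_token.secret
-  end
-
-  def consumer_access_token
-    OAuth::AccessToken.new current_consumer,access_token.token,access_token.secret
-  end
-  
-  if defined?(Devise)
-    include Devise::TestHelpers
-    def login
-      sign_in :user, current_user
-    end
-  else
-    def login
-      controller.stub!(:current_user).and_return(current_user)
-    end
-  end
-  
-  def login_as_application_owner
-    @user = users(:quentin)
-    login
-  end
-  
-  def current_consumer
-    @consumer ||= OAuth::Consumer.new(current_client_application.key,current_client_application.secret,{:site => "http://test.host"})
-  end
-
-  def setup_oauth_for_user
-    login
-  end
-
-  def sign_request_with_oauth(token=nil,options={})
-    ActionController::TestRequest.use_oauth=true
-    @request.configure_oauth(current_consumer,token,options)
-  end
-
-  def two_legged_sign_request_with_oauth(consumer=nil,options={})
-    ActionController::TestRequest.use_oauth=true
-    @request.configure_oauth(consumer,nil,options)
-  end
-
-  def add_oauth2_token_header(token,options={})    
-    request.env['HTTP_AUTHORIZATION'] = "OAuth #{token.token}"
-  end
-    
-end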
310  generators/oauth_provider/templates/controller_test.rb
... ...
@@ -1,310 +0,0 @@
1  
-require File.dirname(__FILE__) + '/../test_helper'
2  
-require File.dirname(__FILE__) + '/../oauth_controller_test_helper'
3  
-require 'oauth/client/action_controller_request'
4  
-
5  
-class OauthController; def rescue_action(e) raise e end; end
6  
-
7  
-class OauthControllerRequestTokenTest < ActionController::TestCase
8  
-  include OAuthControllerTestHelper
9  
-  tests OauthController
10  
-  
11  
-  def setup
12  
-    @controller = OauthController.new
13  
-    setup_oauth
14  
-    sign_request_with_oauth
15  
-    @client_application.stubs(:create_request_token).returns(@request_token)
16  
-  end
17  
-  
18  
-  def do_get
19  
-    get :request_token
20  
-  end
21  
-  
22  
-  def test_should_be_successful
23  
-    do_get
24  
-    assert @response.success?
25  
-  end
26  
-  
27  
-  def test_should_query_for_client_application
28  
-    ClientApplication.expects(:find_by_key).with('key').returns(@client_application)
29  
-    do_get
30  
-  end
31  
-  
32  
-  def test_should_request_token_from_client_application
33  
-    @client_application.expects(:create_request_token).returns(@request_token)
34  
-    do_get
35  
-  end
36  
-  
37  
-  def test_should_return_token_string
38  
-    do_get
39  
-    assert_equal @request_token_string, @response.body
40  
-  end
41  
-end
42  
-
43  
-class OauthControllerTokenAuthorizationTest < ActionController::TestCase
44  
-   include OAuthControllerTestHelper
45  
-   tests OauthController
46  
-   
47  
-  def setup
48  
-    @controller = OauthController.new
49  
-    login
50  
-    setup_oauth
51  
-    RequestToken.stubs(:find_by_token).returns(@request_token)
52  
-  end
53  
-  
54  
-  def do_get
55  
-    get :authorize, :oauth_token => @request_token.token
56  
-  end
57  
-
58  
-  def do_post
59  
-    @request_token.expects(:authorize!).with(@user)
60  
-    post :authorize,:oauth_token=>@request_token.token,:authorize=>"1"
61  
-  end
62  
-
63  
-  def do_post_without_user_authorization
64  
-    @request_token.expects(:invalidate!)
65  
-    post :authorize,:oauth_token=>@request_token.token,:authorize=>"0"
66  
-  end
67  
-
68  
-  def do_post_with_callback
69  
-    @request_token.expects(:authorize!).with(@user)
70  
-    post :authorize,:oauth_token=>@request_token.token,:oauth_callback=>"http://application/alternative",:authorize=>"1"
71  
-  end
72  
-
73  
-  def do_post_with_no_application_callback
74  
-    @request_token.expects(:authorize!).with(@user)
75  
-    @client_application.stubs(:callback_url).returns(nil)
76  
-    post :authorize, :oauth_token => @request_token.token, :authorize=>"1"
77  
-  end
78  
-  
79  
-  def test_should_be_successful
80  
-    do_get
81  
-    assert @response.success?
82  
-  end
83  
-  
84  
-  def test_should_query_for_client_application
85  
-    RequestToken.expects(:find_by_token).returns(@request_token)
86  
-    do_get
87  
-  end
88  
-  
89  
-  def test_should_assign_token
90  
-    do_get
91  
-    assert_equal @request_token, assigns(:token)
92  
-  end
93  
-  
94  
-  def test_should_render_authorize_template
95  
-    do_get
96  
-    assert_template('authorize')
97  
-  end
98  
-  
99  
-  def test_should_redirect_to_default_callback
100  
-    do_post
101  
-    assert_response :redirect
102  
-    assert_redirected_to("http://application/callback?oauth_token=#{@request_token.token}")
103  
-  end
104  
-
105  
-  def test_should_redirect_to_callback_in_query
106  
-    do_post_with_callback
107  
-    assert_response :redirect
108  
-    assert_redirected_to("http://application/alternative?oauth_token=#{@request_token.token}")
109  
-  end
110  
-
111  
-  def test_should_be_successful_on_authorize_without_any_application_callback
112  
-    do_post_with_no_application_callback
113  
-    assert @response.success?
114  
-    assert_template('authorize_success')
115  
-  end
116  
-  
117  
-  def test_should_render_failure_screen_on_user_invalidation
118  
-    do_post_without_user_authorization
119  
-    assert_template('authorize_failure')
120  
-  end
121  
-
122  
-  def test_should_render_failure_screen_if_token_is_invalidated
123  
-    @request_token.expects(:invalidated?).returns(true)
124  
-    do_get
125  
-    assert_template('authorize_failure')
126  
-  end
127  
-  
128  
-
129  
-end
130  
-
131  
-class OauthControllerGetAccessTokenTest < ActionController::TestCase
132  
-  include OAuthControllerTestHelper
133  
-  tests OauthController
134  
-