Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Set the correct response status for authorization redirects.

  • Loading branch information...
commit 79a492c7d393aa5cbdeaf42c4707646e96a925a2 1 parent 2fcf17c
@jcoglan jcoglan authored
View
1  lib/oauth2/provider/authorization.rb
@@ -105,6 +105,7 @@ def response_headers
end
def response_status
+ return 302 if redirect?
return 200 if valid?
@client ? 302 : 400
end
View
5 oauth2-provider.gemspec
@@ -12,13 +12,14 @@ spec = Gem::Specification.new do |s|
s.files = %w(README.rdoc) + Dir.glob("{spec,lib,example}/**/*")
s.require_paths = ["lib"]
- s.add_dependency("bcrypt-ruby")
s.add_dependency("activerecord")
+ s.add_dependency("bcrypt-ruby")
s.add_dependency("json")
+ s.add_development_dependency("activerecord", "~> 3.0.0") # The SQLite adapter in 3.1 is broken
s.add_development_dependency("rspec")
s.add_development_dependency("sqlite3-ruby")
- s.add_development_dependency("sinatra")
+ s.add_development_dependency("sinatra", ">= 1.3.0")
s.add_development_dependency("thin")
s.add_development_dependency("factory_girl")
end
View
6 spec/oauth2/provider_spec.rb
@@ -194,8 +194,10 @@
describe "authorization confirmation from the user" do
let(:mock_auth) do
- mock = mock(OAuth2::Provider::Authorization)
- mock.stub(:redirect_uri).and_return('http://example.com/')
+ mock = mock OAuth2::Provider::Authorization,
+ :redirect_uri => 'http://example.com/',
+ :response_status => 302
+
OAuth2::Provider::Authorization.stub(:new).and_return(mock)
mock
end
View
4 spec/test_app/provider/application.rb
@@ -11,7 +11,7 @@ class Provider < Sinatra::Base
def handle_authorize
@oauth2 = OAuth2::Provider.parse(User['Bob'], request)
- redirect @oauth2.redirect_uri if @oauth2.redirect?
+ redirect(@oauth2.redirect_uri, @oauth2.response_status) if @oauth2.redirect?
headers @oauth2.response_headers
status @oauth2.response_status
@@ -49,7 +49,7 @@ def serve_protected_resource
else
@oauth2.deny_access!
end
- redirect @oauth2.redirect_uri
+ redirect @oauth2.redirect_uri, @oauth2.response_status
end
[:get, :post].each do |method|
Please sign in to comment.
Something went wrong with that request. Please try again.