-
-
Notifications
You must be signed in to change notification settings - Fork 305
/
Copy pathoauth2_spec.rb
117 lines (97 loc) · 3.96 KB
/
oauth2_spec.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
require "helper"
describe OmniAuth::Strategies::OAuth2 do # rubocop:disable Metrics/BlockLength
def app
lambda do |_env|
[200, {}, ["Hello."]]
end
end
let(:fresh_strategy) { Class.new(OmniAuth::Strategies::OAuth2) }
before do
OmniAuth.config.test_mode = true
end
after do
OmniAuth.config.test_mode = false
end
describe "Subclassing Behavior" do
subject { fresh_strategy }
it "performs the OmniAuth::Strategy included hook" do
expect(OmniAuth.strategies).to include(OmniAuth::Strategies::OAuth2)
expect(OmniAuth.strategies).to include(subject)
end
end
describe "#client" do
subject { fresh_strategy }
it "is initialized with symbolized client_options" do
instance = subject.new(app, :client_options => {"authorize_url" => "https://example.com"})
expect(instance.client.options[:authorize_url]).to eq("https://example.com")
end
it "sets ssl options as connection options" do
instance = subject.new(app, :client_options => {"ssl" => {"ca_path" => "foo"}})
expect(instance.client.options[:connection_opts][:ssl]).to eq(:ca_path => "foo")
end
end
describe "#authorize_params" do
subject { fresh_strategy }
it "includes any authorize params passed in the :authorize_params option" do
instance = subject.new("abc", "def", :authorize_params => {:foo => "bar", :baz => "zip"})
expect(instance.authorize_params["foo"]).to eq("bar")
expect(instance.authorize_params["baz"]).to eq("zip")
end
it "includes top-level options that are marked as :authorize_options" do
instance = subject.new("abc", "def", :authorize_options => %i[scope foo state], :scope => "bar", :foo => "baz")
expect(instance.authorize_params["scope"]).to eq("bar")
expect(instance.authorize_params["foo"]).to eq("baz")
end
it "includes random state in the authorize params" do
instance = subject.new("abc", "def")
expect(instance.authorize_params.keys).to eq(["state"])
expect(instance.session["omniauth.state"]).not_to be_empty
end
end
describe "#token_params" do
subject { fresh_strategy }
it "includes any authorize params passed in the :authorize_params option" do
instance = subject.new("abc", "def", :token_params => {:foo => "bar", :baz => "zip"})
expect(instance.token_params).to eq("foo" => "bar", "baz" => "zip")
end
it "includes top-level options that are marked as :authorize_options" do
instance = subject.new("abc", "def", :token_options => %i[scope foo], :scope => "bar", :foo => "baz")
expect(instance.token_params).to eq("scope" => "bar", "foo" => "baz")
end
end
describe "#callback_phase" do
subject { fresh_strategy }
it "calls fail with the client error received" do
instance = subject.new("abc", "def")
allow(instance).to receive(:request) do
double("Request", :params => {"error_reason" => "user_denied", "error" => "access_denied"})
end
expect(instance).to receive(:fail!).with("user_denied", anything)
instance.callback_phase
end
end
describe "#secure_params" do
subject { fresh_strategy }
it "returns true when the two inputs are the same and false otherwise" do
instance = subject.new("abc", "def")
expect(instance.send(:secure_compare, "a", "a")).to be true
expect(instance.send(:secure_compare, "b", "a")).to be false
end
end
end
describe OmniAuth::Strategies::OAuth2::CallbackError do
let(:error) { Class.new(OmniAuth::Strategies::OAuth2::CallbackError) }
describe "#message" do
subject { error }
it "includes all of the attributes" do
instance = subject.new("error", "description", "uri")
expect(instance.message).to match(/error/)
expect(instance.message).to match(/description/)
expect(instance.message).to match(/uri/)
end
it "includes all of the attributes" do
instance = subject.new(nil, :symbol)
expect(instance.message).to eq("symbol")
end
end
end