mirror of
https://github.com/heartcombo/devise.git
synced 2022-11-09 12:18:31 -05:00
More tests for Omniauth.
parent
2f360bf201
commit
611261c64e
22 changed files with 198 additions and 390 deletions
|
@ -19,6 +19,7 @@ class Devise::RegistrationsController < ApplicationController
|
|||
sign_in_and_redirect(resource_name, resource)
|
||||
else
|
||||
set_flash_message :notice, :inactive_signed_up, :reason => resource.inactive_message.to_s
|
||||
expire_session_data_after_sign_in!
|
||||
redirect_to after_inactive_sign_up_path_for(resource)
|
||||
end
|
||||
else
|
||||
|
|
|
@ -18,8 +18,8 @@
|
|||
<%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
|
||||
<% end -%>
|
||||
|
||||
<%- if devise_mapping.oauthable? %>
|
||||
<%- resource_class.oauth_providers.each do |provider| %>
|
||||
<%= link_to "Sign in with #{provider.to_s.titleize}", oauth_authorize_url(resource_name, provider) %><br />
|
||||
<%- if devise_mapping.omniauthable? %>
|
||||
<%- resource_class.omniauth_providers.each do |provider| %>
|
||||
<%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider) %><br />
|
||||
<% end -%>
|
||||
<% end -%>
|
|
@ -34,7 +34,7 @@ en:
|
|||
unlocks:
|
||||
send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.'
|
||||
unlocked: 'Your account was successfully unlocked. You are now signed in.'
|
||||
oauth_callbacks:
|
||||
omniauth_callbacks:
|
||||
success: 'Successfully authorized from %{kind} account.'
|
||||
failure: 'Could not authorize you from %{kind} because "%{reason}".'
|
||||
mailer:
|
||||
|
|
|
@ -104,10 +104,11 @@ module Devise
|
|||
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
||||
resource = args.last || resource_or_scope
|
||||
|
||||
expire_session_data_after_sign_in!
|
||||
|
||||
if options[:bypass]
|
||||
warden.session_serializer.store(resource, scope)
|
||||
else
|
||||
expire_session_data_after_sign_in!
|
||||
warden.set_user(resource, options.merge!(:scope => scope))
|
||||
end
|
||||
end
|
||||
|
@ -195,7 +196,13 @@ module Devise
|
|||
options = args.extract_options!
|
||||
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
||||
resource = args.last || resource_or_scope
|
||||
sign_in(scope, resource, options) unless warden.user(scope) == resource
|
||||
|
||||
if warden.user(scope) == resource
|
||||
expire_session_data_after_sign_in!
|
||||
else
|
||||
sign_in(scope, resource, options)
|
||||
end
|
||||
|
||||
redirect_for_sign_in(scope, resource)
|
||||
end
|
||||
|
||||
|
@ -219,8 +226,8 @@ module Devise
|
|||
redirect_to after_sign_out_path_for(scope)
|
||||
end
|
||||
|
||||
# A hook called to expire session data after sign up/in. This is used
|
||||
# by a few extensions, like oauth, to expire tokens stored in session.
|
||||
# A hook called to expire session data after sign up/in. All keys
|
||||
# stored under "devise." namespace are removed after sign in.
|
||||
def expire_session_data_after_sign_in!
|
||||
session.keys.grep(/^devise\./).each { |k| session.delete(k) }
|
||||
end
|
||||
|
|
|
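Review bot: The rewritten comment above `expire_session_data_after_sign_in!` promises that every key under the "devise." namespace is removed, but the pattern in the body, `/^devise\./`, anchors at the start of any line rather than the start of the key. `session.keys.grep(/\Adevise\./).each { |k| session.delete(k) }` matches the documented contract exactly. The body is unchanged context in this hunk, so this is a follow-up rather than a regression. The two earlier hunks in this file appear to run the hook on the `options[:bypass]` path of `sign_in` and for an already signed-in resource in `sign_in_and_redirect`, so the comment could also state that session data stored outside the prefix is never cleared.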
@ -11,9 +11,11 @@ module Devise
|
|||
raise "You either need to pass stubs as a block or as a parameter" unless block_given? || stubs
|
||||
|
||||
config = Devise.omniauth_configs[provider]
|
||||
config.check_if_allow_stubs!
|
||||
raise "Could not find configuration for #{provider.to_s} omniauth provider" unless config
|
||||
|
||||
config.check_if_allow_stubs!
|
||||
stubs ||= Faraday::Adapter::Test::Stubs.new(&block)
|
||||
|
||||
config.build_connection do |b|
|
||||
b.adapter :test, stubs
|
||||
end
|
||||
|
|
|
@ -20,7 +20,7 @@ module Devise
|
|||
send("#{scope}_omniauth_authorize_path", *args)
|
||||
end
|
||||
|
||||
def omniauth_callback_url(resource_or_scope, *args)
|
||||
def omniauth_callback_path(resource_or_scope, *args)
|
||||
scope = Devise::Mapping.find_scope!(resource_or_scope)
|
||||
send("#{scope}_omniauth_callback_path", *args)
|
||||
end
|
||||
|
|
|
@ -376,7 +376,7 @@ end
|
|||
|
||||
class AuthenticationSignOutViaTest < ActionController::IntegrationTest
|
||||
def sign_in!(scope)
|
||||
sign_in_as_user(:visit => send("new_#{scope}_session_path"))
|
||||
sign_in_as_admin(:visit => send("new_#{scope}_session_path"))
|
||||
assert warden.authenticated?(scope)
|
||||
end
|
||||
|
||||
|
|
|
@ -1,244 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class OAuthableIntegrationTest < ActionController::IntegrationTest
|
||||
FACEBOOK_INFO = {
|
||||
:username => 'usertest',
|
||||
:email => 'user@test.com'
|
||||
}
|
||||
|
||||
ACCESS_TOKEN = {
|
||||
:access_token => "plataformatec"
|
||||
}
|
||||
|
||||
setup do
|
||||
Devise::Oauth.short_circuit_authorizers!
|
||||
end
|
||||
|
||||
teardown do
|
||||
Devise::Oauth.unshort_circuit_authorizers!
|
||||
Devise::Oauth.reset_stubs!
|
||||
User.singleton_class.remove_possible_method(:find_for_github_oauth)
|
||||
end
|
||||
|
||||
def stub_github!
|
||||
def User.find_for_github_oauth(*); end
|
||||
|
||||
Devise::Oauth.stub!(:github) do |b|
|
||||
b.post('/login/oauth/access_token') { [200, {}, ACCESS_TOKEN.to_json] }
|
||||
end
|
||||
end
|
||||
|
||||
def stub_facebook!(valid=true)
|
||||
data = valid ? FACEBOOK_INFO : FACEBOOK_INFO.except(:email)
|
||||
|
||||
Devise::Oauth.stub!(:facebook) do |b|
|
||||
b.post('/oauth/access_token') { [200, {}, ACCESS_TOKEN.to_json] }
|
||||
b.get('/me?access_token=plataformatec') { [200, {}, data.to_json] }
|
||||
end
|
||||
end
|
||||
|
||||
test "[BASIC] setup with persisted user" do
|
||||
stub_facebook!
|
||||
|
||||
assert_difference "User.count", 1 do
|
||||
visit "/users/sign_in"
|
||||
click_link "Sign in with Facebook"
|
||||
end
|
||||
|
||||
assert_current_url "/"
|
||||
assert_contain "Successfully authorized from Facebook account."
|
||||
|
||||
assert warden.authenticated?(:user)
|
||||
assert_not warden.authenticated?(:admin)
|
||||
assert "plataformatec", warden.user(:user).facebook_token
|
||||
end
|
||||
|
||||
test "[BASIC] setup with not persisted user and follow up" do
|
||||
stub_facebook!(false)
|
||||
|
||||
assert_no_difference "User.count" do
|
||||
visit "/users/sign_in"
|
||||
click_link "Sign in with Facebook"
|
||||
end
|
||||
|
||||
assert_contain "1 error prohibited this user from being saved"
|
||||
assert_contain "Email can't be blank"
|
||||
|
||||
assert_not warden.authenticated?(:user)
|
||||
assert_not warden.authenticated?(:admin)
|
||||
|
||||
fill_in "Email", :with => "user.form@test.com"
|
||||
click_button "Sign up"
|
||||
|
||||
assert_current_url "/"
|
||||
assert_contain "You have signed up successfully."
|
||||
assert_contain "Hello User user.form@test.com"
|
||||
|
||||
assert warden.authenticated?(:user)
|
||||
assert_not warden.authenticated?(:admin)
|
||||
assert "plataformatec", warden.user(:user).facebook_token
|
||||
end
|
||||
|
||||
test "[BASIC] setup updating an existing user in database" do
|
||||
stub_facebook!
|
||||
user = create_user
|
||||
|
||||
assert_no_difference "User.count" do
|
||||
visit "/users/sign_in"
|
||||
click_link "Sign in with Facebook"
|
||||
end
|
||||
|
||||
assert_current_url "/"
|
||||
assert_contain "Successfully authorized from Facebook account."
|
||||
|
||||
assert_equal user, warden.user(:user)
|
||||
assert_equal "plataformatec", user.reload.facebook_token
|
||||
end
|
||||
|
||||
test "[BASIC] setup updating an existing user in session" do
|
||||
stub_facebook!
|
||||
|
||||
# Create an user and change his e-mail
|
||||
user = sign_in_as_user
|
||||
user.email = "another@test.com"
|
||||
user.save!
|
||||
|
||||
assert_no_difference "User.count" do
|
||||
visit "/"
|
||||
click_link "Sign in with Facebook"
|
||||
end
|
||||
|
||||
assert_current_url "/"
|
||||
assert_contain "Successfully authorized from Facebook account."
|
||||
|
||||
assert_equal user, warden.user(:user)
|
||||
assert_equal "another@test.com", warden.user(:user).email
|
||||
assert_equal "plataformatec", user.reload.facebook_token
|
||||
end
|
||||
|
||||
test "[SESSION CLEANUP] ensures session is cleaned up after sign up" do
|
||||
stub_facebook!(false)
|
||||
|
||||
assert_no_difference "User.count" do
|
||||
visit "/users/sign_in"
|
||||
click_link "Sign in with Facebook"
|
||||
end
|
||||
|
||||
assert_contain "1 error prohibited this user from being saved"
|
||||
fill_in "Email", :with => "user.form@test.com"
|
||||
click_button "Sign up"
|
||||
|
||||
assert_contain "You have signed up successfully."
|
||||
visit "/users/sign_out"
|
||||
|
||||
user = sign_in_as_user
|
||||
assert_nil warden.user(:user).facebook_token
|
||||
assert_equal user, warden.user(:user)
|
||||
end
|
||||
|
||||
test "[SESSION CLEANUP] ensures session is cleaned up on cancel" do
|
||||
stub_facebook!(false)
|
||||
|
||||
assert_no_difference "User.count" do
|
||||
visit "/users/sign_in"
|
||||
click_link "Sign in with Facebook"
|
||||
end
|
||||
|
||||
assert_contain "1 error prohibited this user from being saved"
|
||||
visit "/users/cancel"
|
||||
|
||||
user = sign_in_as_user
|
||||
assert_nil warden.user(:user).facebook_token
|
||||
assert_equal user, warden.user(:user)
|
||||
end
|
||||
|
||||
test "[SESSION CLEANUP] ensures session is cleaned up on sign in" do
|
||||
stub_facebook!(false)
|
||||
|
||||
assert_no_difference "User.count" do
|
||||
visit "/users/sign_in"
|
||||
click_link "Sign in with Facebook"
|
||||
end
|
||||
|
||||
assert_contain "1 error prohibited this user from being saved"
|
||||
|
||||
user = sign_in_as_user
|
||||
assert_nil warden.user(:user).facebook_token
|
||||
assert_equal user, warden.user(:user)
|
||||
end
|
||||
|
||||
test "[I18N] scopes messages based on oauth callback for success" do
|
||||
stub_facebook!
|
||||
|
||||
store_translations :en, :devise => { :oauth_callbacks => {
|
||||
:facebook => { :success => "Welcome facebooker" } } } do
|
||||
visit "/users/sign_in"
|
||||
click_link "Sign in with Facebook"
|
||||
assert_contain "Welcome facebooker"
|
||||
end
|
||||
end
|
||||
|
||||
test "[I18N] scopes messages based on oauth callback and resource name for success" do
|
||||
stub_facebook!
|
||||
|
||||
store_translations :en, :devise => { :oauth_callbacks => {
|
||||
:user => { :facebook => { :success => "Welcome facebooker user" } },
|
||||
:facebook => { :success => "Welcome facebooker" } } } do
|
||||
visit "/users/sign_in"
|
||||
click_link "Sign in with Facebook"
|
||||
assert_contain "Welcome facebooker user"
|
||||
end
|
||||
end
|
||||
|
||||
test "[FAILURE] shows 404 if no code or error are given as params" do
|
||||
assert_raise AbstractController::ActionNotFound do
|
||||
visit "/users/oauth/facebook/callback"
|
||||
end
|
||||
end
|
||||
|
||||
test "[FAILURE] raises an error if model does not implement a hook" do
|
||||
begin
|
||||
visit "/users/oauth/github/callback?code=123456"
|
||||
raise "Expected visit to raise an error"
|
||||
rescue Exception => e
|
||||
assert_match "User does not respond to find_for_github_oauth", e.message
|
||||
end
|
||||
end
|
||||
|
||||
test "[FAILURE] handles callback error parameter according to the specification" do
|
||||
visit "/users/oauth/facebook/callback?error=access_denied"
|
||||
assert_current_url "/users/sign_in"
|
||||
assert_contain 'Could not authorize you from Facebook because "Access denied".'
|
||||
end
|
||||
|
||||
test "[FAILURE] handles callback error_reason just for Facebook compatibility" do
|
||||
visit "/users/oauth/facebook/callback?error_reason=access_denied"
|
||||
assert_current_url "/users/sign_in"
|
||||
assert_contain 'Could not authorize you from Facebook because "Access denied".'
|
||||
end
|
||||
|
||||
test "[FAILURE][I18N] uses I18n for custom messages" do
|
||||
visit "/users/oauth/facebook/callback?error=access_denied"
|
||||
assert_current_url "/users/sign_in"
|
||||
assert_contain 'Could not authorize you from Facebook because "Access denied"'
|
||||
end
|
||||
|
||||
test "[FAILURE][I18N] uses I18n with oauth callback scope for custom messages" do
|
||||
store_translations :en, :devise => { :oauth_callbacks => {
|
||||
:facebook => { :failure => "Access denied bro" } } } do
|
||||
visit "/users/oauth/facebook/callback?error=access_denied"
|
||||
assert_current_url "/users/sign_in"
|
||||
assert_contain "Access denied bro"
|
||||
end
|
||||
end
|
||||
|
||||
test "[FAILURE][I18N] uses I18n with oauth callback scope and resource name for custom messages" do
|
||||
store_translations :en, :devise => { :oauth_callbacks => {
|
||||
:user => { :facebook => { :failure => "Access denied user" } },
|
||||
:facebook => { :failure => "Access denied bro" } } } do
|
||||
visit "/users/oauth/facebook/callback?error=access_denied"
|
||||
assert_current_url "/users/sign_in"
|
||||
assert_contain "Access denied user"
|
||||
end
|
||||
end
|
||||
end
|
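--- a/test/integration/omniauthable_test.rb
+++ b/test/integration/omniauthable_test.rb
@@ -0,0 +1,141 @@
+require 'test_helper'
+
+class OmniauthableIntegrationTest < ActionController::IntegrationTest
+FACEBOOK_INFO = {
+:id => '12345',
+:link => 'http://facebook.com/josevalim',
+:email => 'user@example.com',
+:first_name => 'Jose',
+:last_name => 'Valim',
+:website => 'http://blog.plataformatec.com.br'
+}
+
+ACCESS_TOKEN = {
+:access_token => "plataformatec"
+}
+
+setup do
+stub_facebook!
+Devise::OmniAuth.short_circuit_authorizers!
+end
+
+teardown do
+Devise::OmniAuth.unshort_circuit_authorizers!
+Devise::OmniAuth.reset_stubs!
+end
+
+def stub_facebook!
+Devise::OmniAuth.stub!(:facebook) do |b|
+b.post('/oauth/access_token') { [200, {}, ACCESS_TOKEN.to_json] }
+b.get('/me?access_token=plataformatec') { [200, {}, FACEBOOK_INFO.to_json] }
+end
+end
+
+test "can access omniauth.auth in the env hash" do
+visit "/users/sign_in"
+click_link "Sign in with Facebook"
+
+json = ActiveSupport::JSON.decode(response.body)
+
+assert_equal "12345", json["uid"]
+assert_equal "facebook", json["provider"]
+assert_equal "josevalim", json["user_info"]["nickname"]
+assert_equal FACEBOOK_INFO, json["extra"]["user_hash"].symbolize_keys
+assert_equal "plataformatec", json["credentials"]["token"]
+end
+
+test "cleans up session on sign up" do
+assert_no_difference "User.count" do
+visit "/users/sign_in"
+click_link "Sign in with Facebook"
+end
+
+assert session["devise.facebook_data"]
+
+assert_difference "User.count" do
+visit "/users/sign_up"
+fill_in "Password", :with => "123456"
+fill_in "Password confirmation", :with => "123456"
+click_button "Sign up"
+end
+
+assert_current_url "/"
+assert_contain "You have signed up successfully."
+assert_contain "Hello User user@example.com"
+assert_not session["devise.facebook_data"]
+end
+
+test "cleans up session on cancel" do
+assert_no_difference "User.count" do
+visit "/users/sign_in"
+click_link "Sign in with Facebook"
+end
+
+assert session["devise.facebook_data"]
+visit "/users/cancel"
+assert !session["devise.facebook_data"]
+end
+
+test "cleans up session on sign in" do
+assert_no_difference "User.count" do
+visit "/users/sign_in"
+click_link "Sign in with Facebook"
+end
+
+assert session["devise.facebook_data"]
+user = sign_in_as_user
+assert !session["devise.facebook_data"]
+end
+
+# test "[FAILURE] shows 404 if no code or error are given as params" do
+# assert_raise AbstractController::ActionNotFound do
+# visit "/users/oauth/facebook/callback"
+# end
+# end
+#
+# test "[FAILURE] raises an error if model does not implement a hook" do
+# begin
+# visit "/users/oauth/github/callback?code=123456"
+# raise "Expected visit to raise an error"
+# rescue Exception => e
+# assert_match "User does not respond to find_for_github_oauth", e.message
+# end
+# end
+#
+# test "[FAILURE] handles callback error parameter according to the specification" do
+# visit "/users/oauth/facebook/callback?error=access_denied"
+# assert_current_url "/users/sign_in"
+# assert_contain 'Could not authorize you from Facebook because "Access denied".'
+# end
+#
+# test "[FAILURE] handles callback error_reason just for Facebook compatibility" do
+# visit "/users/oauth/facebook/callback?error_reason=access_denied"
+# assert_current_url "/users/sign_in"
+# assert_contain 'Could not authorize you from Facebook because "Access denied".'
+# end
+#
+# test "[FAILURE][I18N] uses I18n for custom messages" do
+# visit "/users/oauth/facebook/callback?error=access_denied"
+# assert_current_url "/users/sign_in"
+# assert_contain 'Could not authorize you from Facebook because "Access denied"'
+# end
+#
+# test "[FAILURE][I18N] uses I18n with oauth callback scope for custom messages" do
+# store_translations :en, :devise => { :oauth_callbacks => {
+# :facebook => { :failure => "Access denied bro" } } } do
+# visit "/users/oauth/facebook/callback?error=access_denied"
+# assert_current_url "/users/sign_in"
+# assert_contain "Access denied bro"
+# end
+# end
+#
+# test "[FAILURE][I18N] uses I18n with oauth callback scope and resource name for custom messages" do
+# store_translations :en, :devise => { :oauth_callbacks => {
+# :user => { :facebook => { :failure => "Access denied user" } },
+# :facebook => { :failure => "Access denied bro" } } } do
+# visit "/users/oauth/facebook/callback?error=access_denied"
+# assert_current_url "/users/sign_in"
+# assert_contain "Access denied user"
+# end
+# end
+end
+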
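Review bot: The whole `[FAILURE]` group at the end of `OmniauthableIntegrationTest` is commented out, so the callback error paths (`error=access_denied`, `error_reason`, a callback with no code, a model without the hook) are no longer exercised by any test in this file. Commented-out tests never appear in the test report, which makes the gap in coverage of the authentication failure handling easy to forget; they should be ported to the `/users/auth/...` routes or replaced by a visible pending marker that names what is still missing. Two smaller points of style: `user = sign_in_as_user` in "cleans up session on sign in" assigns a local that is never read, and the file mixes `assert_not session[...]` with `assert !session[...]` for the same check.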
@ -29,7 +29,6 @@ class RegistrationTest < ActionController::IntegrationTest
|
|||
click_button 'Sign up'
|
||||
|
||||
assert_contain 'You have signed up successfully. However, we could not sign you in because your account is unconfirmed.'
|
||||
assert_contain 'Sign in'
|
||||
assert_not_contain 'You have to confirm your account before continuing'
|
||||
|
||||
assert_not warden.authenticated?(:user)
|
||||
|
@ -168,13 +167,13 @@ class RegistrationTest < ActionController::IntegrationTest
|
|||
|
||||
test 'a user should be able to cancel sign up by deleting data in the session' do
|
||||
get "/set"
|
||||
assert_equal "something", @request.session["user_provider_oauth_token"]
|
||||
assert_equal "something", @request.session["devise.foo_bar"]
|
||||
|
||||
get "/users/sign_up"
|
||||
assert_equal "something", @request.session["user_provider_oauth_token"]
|
||||
assert_equal "something", @request.session["devise.foo_bar"]
|
||||
|
||||
get "/users/cancel"
|
||||
assert_nil @request.session["user_provider_oauth_token"]
|
||||
assert_nil @request.session["devise.foo_bar"]
|
||||
assert_redirected_to new_user_registration_path
|
||||
end
|
||||
end
|
||||
|
|
|
@ -90,6 +90,6 @@ class MappingTest < ActiveSupport::TestCase
|
|||
assert mapping.recoverable?
|
||||
assert mapping.lockable?
|
||||
assert_not mapping.confirmable?
|
||||
assert_not mapping.oauthable?
|
||||
assert_not mapping.omniauthable?
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,21 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class OauthableTest < ActiveSupport::TestCase
|
||||
teardown { Devise::Oauth.reset_stubs! }
|
||||
|
||||
test "oauth_configs returns all configurations relative to that model" do
|
||||
swap User, :oauth_providers => [:github] do
|
||||
assert_equal User.oauth_configs, Devise.oauth_configs.slice(:github)
|
||||
end
|
||||
end
|
||||
|
||||
test "oauth_access_token returns the token object for the given provider" do
|
||||
Devise::Oauth.stub!(:facebook) do |b|
|
||||
b.get('/me?access_token=plataformatec') { [200, {}, {}.to_json] }
|
||||
end
|
||||
|
||||
access_token = User.oauth_access_token(:facebook, "plataformatec")
|
||||
assert_kind_of OAuth2::AccessToken, access_token
|
||||
assert_equal "{}", access_token.get("/me")
|
||||
end
|
||||
end
|
|
@ -1,44 +0,0 @@
|
|||
require 'test_helper'
|
||||
|
||||
class OmniAuthConfigTest < ActiveSupport::TestCase
|
||||
ACCESS_TOKEN = {
|
||||
:access_token => "plataformatec"
|
||||
}
|
||||
|
||||
setup { @config = Devise.omniauth_configs[:facebook] }
|
||||
teardown { Devise::Omniauth.reset_stubs! }
|
||||
|
||||
test "stored OAuth2::Client" do
|
||||
assert_kind_of OAuth2::Client, @config.client
|
||||
end
|
||||
|
||||
test "build authorize url" do
|
||||
url = @config.authorize_url(:redirect_uri => "foo")
|
||||
assert_match "https://graph.facebook.com/oauth/authorize?", url
|
||||
assert_match "scope=email%2Coffline_access", url
|
||||
assert_match "client_id=APP_ID", url
|
||||
assert_match "type=web_server", url
|
||||
assert_match "redirect_uri=foo", url
|
||||
end
|
||||
|
||||
test "retrieves access token object by code" do
|
||||
Devise::Oauth.stub!(:facebook) do |b|
|
||||
b.post('/oauth/access_token') { [200, {}, ACCESS_TOKEN.to_json] }
|
||||
b.get('/me?access_token=plataformatec') { [200, {}, {}.to_json] }
|
||||
end
|
||||
|
||||
access_token = @config.access_token_by_code("12345")
|
||||
assert_kind_of OAuth2::AccessToken, access_token
|
||||
assert_equal "{}", access_token.get("/me")
|
||||
end
|
||||
|
||||
test "retrieves access token object by token" do
|
||||
Devise::Oauth.stub!(:facebook) do |b|
|
||||
b.get('/me?access_token=plataformatec') { [200, {}, {}.to_json] }
|
||||
end
|
||||
|
||||
access_token = @config.access_token_by_token("plataformatec")
|
||||
assert_kind_of OAuth2::AccessToken, access_token
|
||||
assert_equal "{}", access_token.get("/me")
|
||||
end
|
||||
end
|
|
@ -3,45 +3,35 @@ require 'test_helper'
|
|||
class OmniAuthRoutesTest < ActionController::TestCase
|
||||
tests ApplicationController
|
||||
|
||||
def assert_path_and_url(action, provider)
|
||||
def assert_path(action, provider, with_param=true)
|
||||
# Resource param
|
||||
assert_equal @controller.send(action, :user, provider),
|
||||
@controller.send("user_#{action}", provider)
|
||||
|
||||
# Default url params
|
||||
assert_equal @controller.send(action, :user, provider, :param => 123),
|
||||
@controller.send("user_#{action}", provider, :param => 123)
|
||||
|
||||
# With an object
|
||||
assert_equal @controller.send(action, User.new, provider, :param => 123),
|
||||
@controller.send("user_#{action}", provider, :param => 123)
|
||||
assert_equal @controller.send(action, User.new, provider),
|
||||
@controller.send("user_#{action}", provider)
|
||||
|
||||
if with_param
|
||||
# Default url params
|
||||
assert_equal @controller.send(action, :user, provider, :param => 123),
|
||||
@controller.send("user_#{action}", provider, :param => 123)
|
||||
end
|
||||
end
|
||||
|
||||
test 'should alias omniauth_callback to mapped user auth_callback' do
|
||||
assert_path_and_url :omniauth_callback_path, :github
|
||||
assert_path_and_url :omniauth_callback_url, :github
|
||||
assert_path_and_url :omniauth_callback_path, :facebook
|
||||
assert_path_and_url :omniauth_callback_url, :facebook
|
||||
assert_path :omniauth_callback_path, :facebook
|
||||
end
|
||||
|
||||
test 'should alias omniauth_authorize to mapped user auth_authorize' do
|
||||
assert_path_and_url :omniauth_authorize_url, :github
|
||||
assert_path_and_url :omniauth_authorize_url, :facebook
|
||||
assert_path :omniauth_authorize_path, :facebook, false
|
||||
end
|
||||
|
||||
test 'should adds scope, provider and redirect_uri to authorize urls' do
|
||||
url = @controller.omniauth_authorize_url(:user, :github)
|
||||
assert_match "https://github.com/login/omniauth/authorize?", url
|
||||
assert_match "scope=user%2Cpublic_repo", url
|
||||
assert_match "client_id=APP_ID", url
|
||||
assert_match "type=web_server", url
|
||||
assert_match "redirect_uri=http%3A%2F%2Ftest.host%2Fusers%2Fomniauth%2Fgithub%2Fcallback", url
|
||||
test 'should generate authorization path' do
|
||||
assert_match "/users/auth/facebook", @controller.omniauth_authorize_path(:user, :facebook)
|
||||
|
||||
url = @controller.omniauth_authorize_url(:user, :facebook)
|
||||
assert_match "https://graph.facebook.com/omniauth/authorize?", url
|
||||
assert_match "scope=email%2Coffline_access", url
|
||||
assert_match "client_id=APP_ID", url
|
||||
assert_match "type=web_server", url
|
||||
assert_match "redirect_uri=http%3A%2F%2Ftest.host%2Fusers%2Fomniauth%2Ffacebook%2Fcallback", url
|
||||
assert_raise ArgumentError do
|
||||
@controller.omniauth_authorize_path(:user, :github)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -6,7 +6,7 @@ class HomeController < ApplicationController
|
|||
end
|
||||
|
||||
def set
|
||||
session["user_provider_oauth_token"] = "something"
|
||||
session["devise.foo_bar"] = "something"
|
||||
head :ok
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
|
||||
def facebook
|
||||
data = env["omniauth.auth"]
|
||||
session["devise.facebook_data"] = data
|
||||
session["devise.facebook_data"] = data["extra"]["user_hash"]
|
||||
render :json => data
|
||||
end
|
||||
end
|
|
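Review bot: `session["devise.facebook_data"] = data["extra"]["user_hash"]` still stores the provider's whole profile hash in the session, while the only consumer visible in this commit, `new_with_session`, reads `data["email"]`. If the application uses a cookie-backed session store (not visible here), that payload is sent to the browser and counts against the cookie size limit, so keeping only the needed field is safer: `session["devise.facebook_data"] = { "email" => data["extra"]["user_hash"]["email"] }`. The unchanged `render :json => data` line returns the full auth hash, including `credentials.token`, to the client; the integration test relies on that, so a comment such as `# Test fixture only: never render the auth hash in a real callback` would keep the pattern from being copied.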
@ -1,5 +1 @@
|
|||
Home!
|
||||
|
||||
<%- User.oauth_providers.each do |provider| %>
|
||||
<%= link_to "Sign in with #{provider.to_s.titleize}", user_oauth_authorize_url(provider) %><br />
|
||||
<% end -%>
|
||||
Home!
|
|
@ -149,15 +149,7 @@ Devise.setup do |config|
|
|||
# config.sign_out_via = :get
|
||||
|
||||
# ==> OmniAuth
|
||||
config.omniauth :github, 'APP_ID', 'APP_SECRET',
|
||||
:site => 'https://github.com/',
|
||||
:authorize_path => '/login/oauth/authorize',
|
||||
:access_token_path => '/login/oauth/access_token',
|
||||
:scope => 'user,public_repo'
|
||||
|
||||
config.omniauth :facebook, 'APP_ID', 'APP_SECRET',
|
||||
:site => 'https://graph.facebook.com/',
|
||||
:scope => 'email,offline_access'
|
||||
config.omniauth :facebook, 'APP_ID', 'APP_SECRET', :scope => 'email,offline_access'
|
||||
|
||||
# ==> Warden configuration
|
||||
# If you want to use other strategies, that are not supported by Devise, or
|
||||
|
|
|
@ -30,11 +30,11 @@ Rails.application.routes.draw do
|
|||
|
||||
# Other routes for routing_test.rb
|
||||
namespace :publisher, :path_names => { :sign_in => "i_dont_care", :sign_out => "get_out" } do
|
||||
devise_for :accounts, :class_name => "User", :path_names => { :sign_in => "get_in" }
|
||||
devise_for :accounts, :class_name => "Admin", :path_names => { :sign_in => "get_in" }
|
||||
end
|
||||
|
||||
scope ":locale" do
|
||||
devise_for :accounts, :singular => "manager", :class_name => "User",
|
||||
devise_for :accounts, :singular => "manager", :class_name => "Admin",
|
||||
:path_names => {
|
||||
:sign_in => "login", :sign_out => "logout",
|
||||
:password => "secret", :confirmation => "verification",
|
||||
|
@ -44,9 +44,9 @@ Rails.application.routes.draw do
|
|||
end
|
||||
|
||||
namespace :sign_out_via, :module => "devise" do
|
||||
devise_for :deletes, :sign_out_via => :delete, :class_name => "User"
|
||||
devise_for :posts, :sign_out_via => :post, :class_name => "User"
|
||||
devise_for :delete_or_posts, :sign_out_via => [:delete, :post], :class_name => "User"
|
||||
devise_for :deletes, :sign_out_via => :delete, :class_name => "Admin"
|
||||
devise_for :posts, :sign_out_via => :post, :class_name => "Admin"
|
||||
devise_for :delete_or_posts, :sign_out_via => [:delete, :post], :class_name => "Admin"
|
||||
end
|
||||
|
||||
match "/set", :to => "home#set"
|
||||
|
|
|
@ -14,8 +14,8 @@ module SharedUser
|
|||
def new_with_session(params, session)
|
||||
super.tap do |user|
|
||||
if data = session["devise.facebook_data"]
|
||||
user.username = data["nickname"]
|
||||
user.email = data["email"]
|
||||
user.email = data["email"]
|
||||
user.confirmed_at = Time.now
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
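Review bot: `user.confirmed_at = Time.now` in `new_with_session` marks the record confirmed whenever `session["devise.facebook_data"]` is present, so the provider's `email` value is treated as verified without any check visible in this hunk. That skips the confirmation step for an address the application itself never validated, which matters if a provider can return unverified addresses. A comment on that line would make the assumption explicit, for example `# Provider email is trusted as verified; only valid for providers that verify addresses`. The enclosing module starts and ends outside the hunk.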
@ -91,15 +91,12 @@ class DefaultRoutingTest < ActionController::TestCase
|
|||
assert_named_route "/users/cancel", :cancel_user_registration_path
|
||||
end
|
||||
|
||||
test 'map oauth callbacks' do
|
||||
assert_recognizes({:controller => 'devise/oauth_callbacks', :action => 'facebook'}, {:path => 'users/oauth/facebook/callback', :method => :get})
|
||||
assert_named_route "/users/oauth/facebook/callback", :user_oauth_callback_path, :facebook
|
||||
|
||||
assert_recognizes({:controller => 'devise/oauth_callbacks', :action => 'github'}, {:path => 'users/oauth/github/callback', :method => :get})
|
||||
assert_named_route "/users/oauth/github/callback", :user_oauth_callback_path, :github
|
||||
test 'map omniauth callbacks' do
|
||||
assert_recognizes({:controller => 'users/omniauth_callbacks', :action => 'facebook'}, {:path => 'users/auth/facebook/callback', :method => :get})
|
||||
assert_named_route "/users/auth/facebook/callback", :user_omniauth_callback_path, :facebook
|
||||
|
||||
assert_raise ActionController::RoutingError do
|
||||
assert_recognizes({:controller => 'devise/oauth_callbacks', :action => 'twitter'}, {:path => 'users/oauth/twitter/callback', :method => :get})
|
||||
assert_recognizes({:controller => 'ysers/omniauth_callbacks', :action => 'twitter'}, {:path => 'users/auth/twitter/callback', :method => :get})
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -137,14 +134,6 @@ class CustomizedRoutingTest < ActionController::TestCase
|
|||
assert_recognizes({:controller => 'devise/passwords', :action => 'new', :locale => 'en'}, '/en/accounts/secret/new')
|
||||
end
|
||||
|
||||
test 'map account with custom path name for confirmation' do
|
||||
assert_recognizes({:controller => 'devise/confirmations', :action => 'new', :locale => 'en'}, '/en/accounts/verification/new')
|
||||
end
|
||||
|
||||
test 'map account with custom path name for unlock' do
|
||||
assert_recognizes({:controller => 'devise/unlocks', :action => 'new', :locale => 'en'}, '/en/accounts/unblock/new')
|
||||
end
|
||||
|
||||
test 'map account with custom path name for registration' do
|
||||
assert_recognizes({:controller => 'devise/registrations', :action => 'new', :locale => 'en'}, '/en/accounts/management/register')
|
||||
end
|
||||
|
|
|
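Review bot: In the `assert_raise ActionController::RoutingError` block of 'map omniauth callbacks', the expected controller is spelled `'ysers/omniauth_callbacks'`; it should read `'users/omniauth_callbacks'`. The block expects the routing error for the unmapped `twitter` provider, so the expected hash is presumably never compared and the typo stays silent, but it would mislead anyone who later maps that provider. The second hunk in this file (`-137,14 +134,6`) also appears to drop two of the custom path-name tests in `CustomizedRoutingTest`; if that is intentional, the commit message should say why.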
@ -16,7 +16,7 @@ Webrat.configure do |config|
|
|||
config.open_error_files = false
|
||||
end
|
||||
|
||||
Devise::Oauth.test_mode!
|
||||
Devise::OmniAuth.test_mode!
|
||||
|
||||
# Add support to load paths so we can overwrite broken webrat setup
|
||||
$:.unshift File.expand_path('../support', __FILE__)
|
||||
|
|