mirror of
https://github.com/simi/omniauth-facebook.git
synced 2022-11-09 12:32:45 -05:00
c277322722
Conflicts: lib/omniauth/strategies/facebook.rb test/support/shared_examples.rb test/test.rb
85 lines
3.3 KiB
Ruby
85 lines
3.3 KiB
Ruby
# NOTE it would be useful if this lived in omniauth-oauth2 eventually
|
|
module OAuth2StrategyTests
|
|
def self.included(base)
|
|
base.class_eval do
|
|
include ClientTests
|
|
include AuthorizeParamsTests
|
|
include CSRFAuthorizeParamsTests
|
|
include TokenParamsTests
|
|
end
|
|
end
|
|
|
|
module ClientTests
|
|
extend BlockTestHelper
|
|
|
|
test 'should be initialized with symbolized client_options' do
|
|
@options = { :client_options => { 'authorize_url' => 'https://example.com' } }
|
|
assert_equal 'https://example.com', strategy.client.options[:authorize_url]
|
|
end
|
|
end
|
|
|
|
module AuthorizeParamsTests
|
|
extend BlockTestHelper
|
|
|
|
test 'should include any authorize params passed in the :authorize_params option' do
|
|
@options = { :authorize_params => { :foo => 'bar', :baz => 'zip' } }
|
|
assert_equal 'bar', strategy.authorize_params['foo']
|
|
assert_equal 'zip', strategy.authorize_params['baz']
|
|
end
|
|
|
|
test 'should include top-level options that are marked as :authorize_options' do
|
|
@options = { :authorize_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
|
|
assert_equal 'bar', strategy.authorize_params['scope']
|
|
assert_equal 'baz', strategy.authorize_params['foo']
|
|
end
|
|
|
|
test 'should exclude top-level options that are not passed' do
|
|
@options = { :authorize_options => [:bar] }
|
|
refute_has_key :bar, strategy.authorize_params
|
|
refute_has_key 'bar', strategy.authorize_params
|
|
end
|
|
end
|
|
|
|
module CSRFAuthorizeParamsTests
|
|
extend BlockTestHelper
|
|
|
|
test 'should store random state in the session when none is present in authorize or request params' do
|
|
assert_includes strategy.authorize_params.keys, 'state'
|
|
refute_empty strategy.authorize_params['state']
|
|
refute_empty strategy.session['omniauth.state']
|
|
assert_equal strategy.authorize_params['state'], strategy.session['omniauth.state']
|
|
end
|
|
|
|
test 'should not store state in the session when present in authorize params vs. a random one' do
|
|
@options = { :authorize_params => { :state => 'bar' } }
|
|
refute_empty strategy.authorize_params['state']
|
|
refute_equal 'bar', strategy.authorize_params[:state]
|
|
refute_empty strategy.session['omniauth.state']
|
|
refute_equal 'bar', strategy.session['omniauth.state']
|
|
end
|
|
|
|
test 'should not store state in the session when present in request params vs. a random one' do
|
|
@request.stubs(:params).returns({ 'state' => 'foo' })
|
|
refute_empty strategy.authorize_params['state']
|
|
refute_equal 'foo', strategy.authorize_params[:state]
|
|
refute_empty strategy.session['omniauth.state']
|
|
refute_equal 'foo', strategy.session['omniauth.state']
|
|
end
|
|
end
|
|
|
|
module TokenParamsTests
|
|
extend BlockTestHelper
|
|
|
|
test 'should include any authorize params passed in the :token_params option' do
|
|
@options = { :token_params => { :foo => 'bar', :baz => 'zip' } }
|
|
assert_equal 'bar', strategy.token_params['foo']
|
|
assert_equal 'zip', strategy.token_params['baz']
|
|
end
|
|
|
|
test 'should include top-level options that are marked as :token_options' do
|
|
@options = { :token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
|
|
assert_equal 'bar', strategy.token_params['scope']
|
|
assert_equal 'baz', strategy.token_params['foo']
|
|
end
|
|
end
|
|
end
|