Added Assertion Flow #249
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
module Doorkeeper | ||
module Request | ||
class Assertion | ||
def self.build(server) | ||
new(server.credentials, server.resource_owner_from_assertion, server) | ||
end | ||
|
||
attr_accessor :credentials, :resource_owner, :server | ||
|
||
def initialize(credentials, resource_owner, server) | ||
@credentials, @resource_owner, @server = credentials, resource_owner, server | ||
end | ||
|
||
def request | ||
@request ||= OAuth::PasswordAccessTokenRequest.new(Doorkeeper.configuration, credentials, resource_owner, server.parameters) | ||
Line is too long. [132/80]
||
end | ||
|
||
def authorize | ||
request.authorize | ||
end | ||
end | ||
end | ||
end |
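Review bot: `request` builds an `OAuth::PasswordAccessTokenRequest` for the assertion grant, so nothing in this class checks that an assertion was actually supplied; the only gate is whether `server.resource_owner_from_assertion` returned a user. Either give the flow its own request class or document here that the configured block is solely responsible for validating the assertion. The `attr_accessor :credentials, :resource_owner, :server` line also exposes writers that nothing in this hunk uses; `attr_reader` would be enough.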
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
class AddAssertionToUsers < ActiveRecord::Migration | ||
def change | ||
add_column :users, :assertion, :string | ||
end | ||
end |
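Review bot: `add_column :users, :assertion, :string` creates a nullable, unindexed, non-unique column, while the spec in this PR resolves the resource owner with `User.where(:assertion => params[:assertion]).first`. Two rows with the same value would make the lookup return whichever comes first, and the value sits in the table in plaintext although it works as a credential. Add a unique index (`add_index :users, :assertion, :unique => true`) and say in the migration or the README that this column is only a stand-in for a real assertion check.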
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,76 @@ | ||
# coding: utf-8 | ||
|
||
require 'spec_helper_integration' | ||
|
||
feature 'Resource Owner Assertion Flow inproperly set up' do | ||
background do | ||
client_exists | ||
create_resource_owner | ||
end | ||
|
||
context 'with valid user assertion' do | ||
scenario "should not issue new token" do | ||
expect { | ||
post assertion_endpoint_url(:client => @client, :resource_owner => @resource_owner) | ||
}.to_not change { Doorkeeper::AccessToken.count } | ||
Does it hit
||
|
||
should_have_json 'error', 'invalid_resource_owner' | ||
should_have_json 'error_description', translated_error_message(:invalid_resource_owner) | ||
Line is too long. [93/80]
||
expect(response.status).to eq(401) | ||
end | ||
end | ||
end | ||
|
||
feature 'Resource Owner Assertion Flow' do | ||
background do | ||
config_is_set(:resource_owner_from_assertion) { User.where(:assertion => params[:assertion]).first } | ||
client_exists | ||
create_resource_owner | ||
end | ||
|
||
context 'with valid user assertion' do | ||
scenario "should issue new token" do | ||
expect { | ||
post assertion_endpoint_url(:client => @client, :resource_owner => @resource_owner) | ||
}.to change { Doorkeeper::AccessToken.count }.by(1) | ||
|
||
token = Doorkeeper::AccessToken.first | ||
|
||
should_have_json 'access_token', token.token | ||
end | ||
|
||
scenario "should issue a refresh token if enabled" do | ||
config_is_set(:refresh_token_enabled, true) | ||
|
||
post assertion_endpoint_url(:client => @client, :resource_owner => @resource_owner) | ||
|
||
token = Doorkeeper::AccessToken.first | ||
|
||
should_have_json 'refresh_token', token.refresh_token | ||
end | ||
|
||
end | ||
|
||
context "with invalid user assertion" do | ||
scenario "should not issue new token with bad assertion" do | ||
expect { | ||
post assertion_endpoint_url( :client => @client, :assertion => 'i_dont_exist' ) | ||
}.to_not change { Doorkeeper::AccessToken.count } | ||
We should assert it returns an
||
|
||
should_have_json 'error', 'invalid_resource_owner' | ||
should_have_json 'error_description', translated_error_message(:invalid_resource_owner) | ||
Line is too long. [93/80]
||
expect(response.status).to eq(401) | ||
end | ||
|
||
scenario "should not issue new token without assertion" do | ||
expect { | ||
post assertion_endpoint_url( :client => @client ) | ||
}.to_not change { Doorkeeper::AccessToken.count } | ||
We should assert it returns an
||
|
||
should_have_json 'error', 'invalid_resource_owner' | ||
should_have_json 'error_description', translated_error_message(:invalid_resource_owner) | ||
Line is too long. [93/80]
||
expect(response.status).to eq(401) | ||
end | ||
|
||
end | ||
end |
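Review bot: The `resource_owner_from_assertion` block in the second feature's `background` runs `User.where(:assertion => params[:assertion]).first` even when `params[:assertion]` is nil, as in the "without assertion" scenario. ActiveRecord turns a nil value into an `IS NULL` match, so any user row with a NULL `assertion` would come back as the resource owner, and the scenario only passes if the fixture user has a non-NULL assertion. Guard the block with a presence check on `params[:assertion]` before querying, and add a scenario where a user with a nil assertion exists. In "should issue new token", the only check is that `token.token` is echoed back; also assert that `token.resource_owner_id` equals `@resource_owner.id`, so a token bound to the wrong user fails the test. The first feature name has a typo: 'inproperly' should be 'improperly'.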
Line is too long. [84/80]