Codebase list ruby-omniauth-facebook / 4d6f3f6 test / support / shared_examples.rb
4d6f3f6

Tree @4d6f3f6 (Download .tar.gz)

shared_examples.rb @4d6f3f6raw · history · blame 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# NOTE it would be useful if this lived in omniauth-oauth2 eventually
module OAuth2StrategyTests
  def self.included(base)
    base.class_eval do
      include ClientTests
      include AuthorizeParamsTests
      include CSRFAuthorizeParamsTests
      include TokenParamsTests
    end
  end
  
  module ClientTests
    extend BlockTestHelper
    
    test 'should be initialized with symbolized client_options' do
      @options = { :client_options => { 'authorize_url' => 'https://example.com' } }
      assert_equal 'https://example.com', strategy.client.options[:authorize_url]
    end
  end

  module AuthorizeParamsTests
    extend BlockTestHelper
    
    test 'should include any authorize params passed in the :authorize_params option' do
      @options = { :authorize_params => { :foo => 'bar', :baz => 'zip' } }
      assert_equal 'bar', strategy.authorize_params['foo']
      assert_equal 'zip', strategy.authorize_params['baz']
    end

    test 'should include top-level options that are marked as :authorize_options' do
      @options = { :authorize_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
      assert_equal 'bar', strategy.authorize_params['scope']
      assert_equal 'baz', strategy.authorize_params['foo']
    end
    
    test 'should exclude top-level options that are not passed' do
      @options = { :authorize_options => [:bar] }
      refute_has_key :bar, strategy.authorize_params
      refute_has_key 'bar', strategy.authorize_params
    end
  end

  module CSRFAuthorizeParamsTests
    extend BlockTestHelper

    test 'should store random state in the session when none is present in authorize or request params' do
      assert_includes strategy.authorize_params.keys, 'state'
      refute_empty strategy.authorize_params['state']
      refute_empty strategy.session['omniauth.state']
      assert_equal strategy.authorize_params['state'], strategy.session['omniauth.state']
    end

    test 'should not store state in the session when present in authorize params vs. a random one' do
      @options = { :authorize_params => { :state => 'bar' } }
      refute_empty strategy.authorize_params['state']
      refute_equal 'bar', strategy.authorize_params[:state]
      refute_empty strategy.session['omniauth.state']
      refute_equal 'bar', strategy.session['omniauth.state']
    end

    test 'should not store state in the session when present in request params vs. a random one' do
      @request.stubs(:params).returns({ 'state' => 'foo' })
      refute_empty strategy.authorize_params['state']
      refute_equal 'foo', strategy.authorize_params[:state]
      refute_empty strategy.session['omniauth.state']
      refute_equal 'foo', strategy.session['omniauth.state']
    end
  end

  module TokenParamsTests
    extend BlockTestHelper
    
    test 'should include any authorize params passed in the :token_params option' do
      @options = { :token_params => { :foo => 'bar', :baz => 'zip' } }
      assert_equal 'bar', strategy.token_params['foo']
      assert_equal 'zip', strategy.token_params['baz']
    end

    test 'should include top-level options that are marked as :token_options' do
      @options = { :token_options => [:scope, :foo], :scope => 'bar', :foo => 'baz' }
      assert_equal 'bar', strategy.token_params['scope']
      assert_equal 'baz', strategy.token_params['foo']
    end
  end
end