From 611261c64ef2816760d3a6785f34e5d8d5fe11e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Fri, 15 Oct 2010 00:44:21 +0200 Subject: [PATCH] More tests for Omniauth. --- .../devise/registrations_controller.rb | 1 + app/views/devise/shared/_links.erb | 6 +- config/locales/en.yml | 2 +- lib/devise/controllers/helpers.rb | 15 +- lib/devise/omniauth/test_helpers.rb | 4 +- lib/devise/omniauth/url_helpers.rb | 2 +- test/integration/authenticatable_test.rb | 2 +- test/integration/oauthable_test.rb | 244 ------------------ test/integration/omniauthable_test.rb | 141 ++++++++++ test/integration/registerable_test.rb | 7 +- test/mapping_test.rb | 2 +- test/models/oauthable_test.rb | 21 -- test/omniauth/config_test.rb | 44 ---- test/omniauth/url_helpers_test.rb | 42 ++- .../app/controllers/home_controller.rb | 2 +- .../users/omniauth_callbacks_controller.rb | 2 +- test/rails_app/app/views/home/index.html.erb | 6 +- test/rails_app/config/initializers/devise.rb | 10 +- test/rails_app/config/routes.rb | 10 +- test/rails_app/lib/shared_user.rb | 4 +- test/routes_test.rb | 19 +- test/test_helper.rb | 2 +- 22 files changed, 198 insertions(+), 390 deletions(-) delete mode 100644 test/integration/oauthable_test.rb create mode 100644 test/integration/omniauthable_test.rb delete mode 100644 test/models/oauthable_test.rb delete mode 100644 test/omniauth/config_test.rb diff --git a/app/controllers/devise/registrations_controller.rb b/app/controllers/devise/registrations_controller.rb index a86316bd..8257e4b4 100644 --- a/app/controllers/devise/registrations_controller.rb +++ b/app/controllers/devise/registrations_controller.rb @@ -19,6 +19,7 @@ class Devise::RegistrationsController < ApplicationController sign_in_and_redirect(resource_name, resource) else set_flash_message :notice, :inactive_signed_up, :reason => resource.inactive_message.to_s + expire_session_data_after_sign_in! redirect_to after_inactive_sign_up_path_for(resource) end else 
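Review bot: Nothing in the visible test hunks asserts the new `expire_session_data_after_sign_in!` call on the inactive-sign-up branch of registrations_controller.rb. The OmniAuth sign-up test sets `confirmed_at` through `new_with_session`, so it appears to go through `sign_in_and_redirect` rather than this branch. An assertion such as `assert_nil @request.session["devise.foo_bar"]` after an unconfirmed sign up in registerable_test.rb would pin the behaviour. The action starts and ends outside the hunk.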
diff --git a/app/views/devise/shared/_links.erb b/app/views/devise/shared/_links.erb index af7dd2ba..eab783a4 100644 --- a/app/views/devise/shared/_links.erb +++ b/app/views/devise/shared/_links.erb @@ -18,8 +18,8 @@ <%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %>
<% end -%> -<%- if devise_mapping.oauthable? %> - <%- resource_class.oauth_providers.each do |provider| %> - <%= link_to "Sign in with #{provider.to_s.titleize}", oauth_authorize_url(resource_name, provider) %>
+<%- if devise_mapping.omniauthable? %> + <%- resource_class.omniauth_providers.each do |provider| %> + <%= link_to "Sign in with #{provider.to_s.titleize}", omniauth_authorize_path(resource_name, provider) %>
<% end -%> <% end -%> \ No newline at end of file diff --git a/config/locales/en.yml b/config/locales/en.yml index 1c1f8256..d9956eb6 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -34,7 +34,7 @@ en: unlocks: send_instructions: 'You will receive an email with instructions about how to unlock your account in a few minutes.' unlocked: 'Your account was successfully unlocked. You are now signed in.' - oauth_callbacks: + omniauth_callbacks: success: 'Successfully authorized from %{kind} account.' failure: 'Could not authorize you from %{kind} because "%{reason}".' mailer: diff --git a/lib/devise/controllers/helpers.rb b/lib/devise/controllers/helpers.rb index 3398d453..29b5b817 100644 --- a/lib/devise/controllers/helpers.rb +++ b/lib/devise/controllers/helpers.rb @@ -104,10 +104,11 @@ module Devise scope = Devise::Mapping.find_scope!(resource_or_scope) resource = args.last || resource_or_scope + expire_session_data_after_sign_in! + if options[:bypass] warden.session_serializer.store(resource, scope) else - expire_session_data_after_sign_in! warden.set_user(resource, options.merge!(:scope => scope)) end end @@ -195,7 +196,13 @@ module Devise options = args.extract_options! scope = Devise::Mapping.find_scope!(resource_or_scope) resource = args.last || resource_or_scope - sign_in(scope, resource, options) unless warden.user(scope) == resource + + if warden.user(scope) == resource + expire_session_data_after_sign_in! + else + sign_in(scope, resource, options) + end + redirect_for_sign_in(scope, resource) end 
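Review bot: The `:bypass` branch of `sign_in` in lib/devise/controllers/helpers.rb now expires the `devise.*` session keys as well, and that change in contract is not documented in the lines shown. I would add to the method comment (which starts outside the hunk) something like `# Keys under the "devise." session namespace are expired on every sign in, including with :bypass => true.` As far as the hunk shows, the bypass branch only calls `warden.session_serializer.store`. It is worth confirming that callers use it solely for a user who is already authenticated, since nothing visible here renews the session.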
@@ -219,8 +226,8 @@ module Devise redirect_to after_sign_out_path_for(scope) end - # A hook called to expire session data after sign up/in. This is used - # by a few extensions, like oauth, to expire tokens stored in session. + # A hook called to expire session data after sign up/in. All keys + # stored under "devise." namespace are removed after sign in. def expire_session_data_after_sign_in! session.keys.grep(/^devise\./).each { |k| session.delete(k) } end diff --git a/lib/devise/omniauth/test_helpers.rb b/lib/devise/omniauth/test_helpers.rb index be218c7e..db58a7d6 100644 --- a/lib/devise/omniauth/test_helpers.rb +++ b/lib/devise/omniauth/test_helpers.rb @@ -11,9 +11,11 @@ module Devise raise "You either need to pass stubs as a block or as a parameter" unless block_given? || stubs config = Devise.omniauth_configs[provider] - config.check_if_allow_stubs! + raise "Could not find configuration for #{provider.to_s} omniauth provider" unless config + config.check_if_allow_stubs! stubs ||= Faraday::Adapter::Test::Stubs.new(&block) + config.build_connection do |b| b.adapter :test, stubs end diff --git a/lib/devise/omniauth/url_helpers.rb b/lib/devise/omniauth/url_helpers.rb index 8f77d950..52659406 100644 --- a/lib/devise/omniauth/url_helpers.rb +++ b/lib/devise/omniauth/url_helpers.rb @@ -20,7 +20,7 @@ module Devise send("#{scope}_omniauth_authorize_path", *args) end - def omniauth_callback_url(resource_or_scope, *args) + def omniauth_callback_path(resource_or_scope, *args) scope = Devise::Mapping.find_scope!(resource_or_scope) send("#{scope}_omniauth_callback_path", *args) end diff --git a/test/integration/authenticatable_test.rb b/test/integration/authenticatable_test.rb index c12e8642..2a551548 100644 --- a/test/integration/authenticatable_test.rb +++ b/test/integration/authenticatable_test.rb 
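Review bot: The rewritten comment on `expire_session_data_after_sign_in!` promises that keys under the "devise." namespace are removed, but the unchanged pattern `/^devise\./` is line-anchored in Ruby. It therefore also matches a key that merely contains a line starting with `devise.`. Anchoring at the start of the string matches the documented behaviour: `session.keys.grep(/\Adevise\./).each { |k| session.delete(k) }`. The comment could also say that the hook now runs on inactive sign up and when the user is already signed in, not only after a fresh sign in.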
@@ -376,7 +376,7 @@ end class AuthenticationSignOutViaTest < ActionController::IntegrationTest def sign_in!(scope) - sign_in_as_user(:visit => send("new_#{scope}_session_path")) + sign_in_as_admin(:visit => send("new_#{scope}_session_path")) assert warden.authenticated?(scope) end diff --git a/test/integration/oauthable_test.rb b/test/integration/oauthable_test.rb deleted file mode 100644 index be9564bb..00000000 --- a/test/integration/oauthable_test.rb +++ /dev/null 
@@ -1,244 +0,0 @@ -require 'test_helper' - -class OAuthableIntegrationTest < ActionController::IntegrationTest - FACEBOOK_INFO = { - :username => 'usertest', - :email => 'user@test.com' - } - - ACCESS_TOKEN = { - :access_token => "plataformatec" - } - - setup do - Devise::Oauth.short_circuit_authorizers! - end - - teardown do - Devise::Oauth.unshort_circuit_authorizers! - Devise::Oauth.reset_stubs! - User.singleton_class.remove_possible_method(:find_for_github_oauth) - end - - def stub_github! - def User.find_for_github_oauth(*); end - - Devise::Oauth.stub!(:github) do |b| - b.post('/login/oauth/access_token') { [200, {}, ACCESS_TOKEN.to_json] } - end - end - - def stub_facebook!(valid=true) - data = valid ? FACEBOOK_INFO : FACEBOOK_INFO.except(:email) - - Devise::Oauth.stub!(:facebook) do |b| - b.post('/oauth/access_token') { [200, {}, ACCESS_TOKEN.to_json] } - b.get('/me?access_token=plataformatec') { [200, {}, data.to_json] } - end - end - - test "[BASIC] setup with persisted user" do - stub_facebook! - - assert_difference "User.count", 1 do - visit "/users/sign_in" - click_link "Sign in with Facebook" - end - - assert_current_url "/" - assert_contain "Successfully authorized from Facebook account." - - assert warden.authenticated?(:user) - assert_not warden.authenticated?(:admin) - assert "plataformatec", warden.user(:user).facebook_token - end - - test "[BASIC] setup with not persisted user and follow up" do - stub_facebook!(false) - - assert_no_difference "User.count" do - visit "/users/sign_in" - click_link "Sign in with Facebook" - end - - assert_contain "1 error prohibited this user from being saved" - assert_contain "Email can't be blank" - - assert_not warden.authenticated?(:user) - assert_not warden.authenticated?(:admin) - - fill_in "Email", :with => "user.form@test.com" - click_button "Sign up" - - assert_current_url "/" - assert_contain "You have signed up successfully." 
- assert_contain "Hello User user.form@test.com" - - assert warden.authenticated?(:user) - assert_not warden.authenticated?(:admin) - assert "plataformatec", warden.user(:user).facebook_token - end - - test "[BASIC] setup updating an existing user in database" do - stub_facebook! - user = create_user - - assert_no_difference "User.count" do - visit "/users/sign_in" - click_link "Sign in with Facebook" - end - - assert_current_url "/" - assert_contain "Successfully authorized from Facebook account." - - assert_equal user, warden.user(:user) - assert_equal "plataformatec", user.reload.facebook_token - end - - test "[BASIC] setup updating an existing user in session" do - stub_facebook! - - # Create an user and change his e-mail - user = sign_in_as_user - user.email = "another@test.com" - user.save! - - assert_no_difference "User.count" do - visit "/" - click_link "Sign in with Facebook" - end - - assert_current_url "/" - assert_contain "Successfully authorized from Facebook account." - - assert_equal user, warden.user(:user) - assert_equal "another@test.com", warden.user(:user).email - assert_equal "plataformatec", user.reload.facebook_token - end - - test "[SESSION CLEANUP] ensures session is cleaned up after sign up" do - stub_facebook!(false) - - assert_no_difference "User.count" do - visit "/users/sign_in" - click_link "Sign in with Facebook" - end - - assert_contain "1 error prohibited this user from being saved" - fill_in "Email", :with => "user.form@test.com" - click_button "Sign up" - - assert_contain "You have signed up successfully." 
- visit "/users/sign_out" - - user = sign_in_as_user - assert_nil warden.user(:user).facebook_token - assert_equal user, warden.user(:user) - end - - test "[SESSION CLEANUP] ensures session is cleaned up on cancel" do - stub_facebook!(false) - - assert_no_difference "User.count" do - visit "/users/sign_in" - click_link "Sign in with Facebook" - end - - assert_contain "1 error prohibited this user from being saved" - visit "/users/cancel" - - user = sign_in_as_user - assert_nil warden.user(:user).facebook_token - assert_equal user, warden.user(:user) - end - - test "[SESSION CLEANUP] ensures session is cleaned up on sign in" do - stub_facebook!(false) - - assert_no_difference "User.count" do - visit "/users/sign_in" - click_link "Sign in with Facebook" - end - - assert_contain "1 error prohibited this user from being saved" - - user = sign_in_as_user - assert_nil warden.user(:user).facebook_token - assert_equal user, warden.user(:user) - end - - test "[I18N] scopes messages based on oauth callback for success" do - stub_facebook! - - store_translations :en, :devise => { :oauth_callbacks => { - :facebook => { :success => "Welcome facebooker" } } } do - visit "/users/sign_in" - click_link "Sign in with Facebook" - assert_contain "Welcome facebooker" - end - end - - test "[I18N] scopes messages based on oauth callback and resource name for success" do - stub_facebook! 
- - store_translations :en, :devise => { :oauth_callbacks => { - :user => { :facebook => { :success => "Welcome facebooker user" } }, - :facebook => { :success => "Welcome facebooker" } } } do - visit "/users/sign_in" - click_link "Sign in with Facebook" - assert_contain "Welcome facebooker user" - end - end - - test "[FAILURE] shows 404 if no code or error are given as params" do - assert_raise AbstractController::ActionNotFound do - visit "/users/oauth/facebook/callback" - end - end - - test "[FAILURE] raises an error if model does not implement a hook" do - begin - visit "/users/oauth/github/callback?code=123456" - raise "Expected visit to raise an error" - rescue Exception => e - assert_match "User does not respond to find_for_github_oauth", e.message - end - end - - test "[FAILURE] handles callback error parameter according to the specification" do - visit "/users/oauth/facebook/callback?error=access_denied" - assert_current_url "/users/sign_in" - assert_contain 'Could not authorize you from Facebook because "Access denied".' - end - - test "[FAILURE] handles callback error_reason just for Facebook compatibility" do - visit "/users/oauth/facebook/callback?error_reason=access_denied" - assert_current_url "/users/sign_in" - assert_contain 'Could not authorize you from Facebook because "Access denied".' 
- end - - test "[FAILURE][I18N] uses I18n for custom messages" do - visit "/users/oauth/facebook/callback?error=access_denied" - assert_current_url "/users/sign_in" - assert_contain 'Could not authorize you from Facebook because "Access denied"' - end - - test "[FAILURE][I18N] uses I18n with oauth callback scope for custom messages" do - store_translations :en, :devise => { :oauth_callbacks => { - :facebook => { :failure => "Access denied bro" } } } do - visit "/users/oauth/facebook/callback?error=access_denied" - assert_current_url "/users/sign_in" - assert_contain "Access denied bro" - end - end - - test "[FAILURE][I18N] uses I18n with oauth callback scope and resource name for custom messages" do - store_translations :en, :devise => { :oauth_callbacks => { - :user => { :facebook => { :failure => "Access denied user" } }, - :facebook => { :failure => "Access denied bro" } } } do - visit "/users/oauth/facebook/callback?error=access_denied" - assert_current_url "/users/sign_in" - assert_contain "Access denied user" - end - end -end \ No newline at end of file diff --git a/test/integration/omniauthable_test.rb b/test/integration/omniauthable_test.rb new file mode 100644 index 00000000..779b1004 --- /dev/null +++ b/test/integration/omniauthable_test.rb 
@@ -0,0 +1,141 @@ +require 'test_helper' + +class OmniauthableIntegrationTest < ActionController::IntegrationTest + FACEBOOK_INFO = { + :id => '12345', + :link => 'http://facebook.com/josevalim', + :email => 'user@example.com', + :first_name => 'Jose', + :last_name => 'Valim', + :website => 'http://blog.plataformatec.com.br' + } + + ACCESS_TOKEN = { + :access_token => "plataformatec" + } + + setup do + stub_facebook! + Devise::OmniAuth.short_circuit_authorizers! + end + + teardown do + Devise::OmniAuth.unshort_circuit_authorizers! + Devise::OmniAuth.reset_stubs! + end + + def stub_facebook! + Devise::OmniAuth.stub!(:facebook) do |b| + b.post('/oauth/access_token') { [200, {}, ACCESS_TOKEN.to_json] } + b.get('/me?access_token=plataformatec') { [200, {}, FACEBOOK_INFO.to_json] } + end + end + + test "can access omniauth.auth in the env hash" do + visit "/users/sign_in" + click_link "Sign in with Facebook" + + json = ActiveSupport::JSON.decode(response.body) + + assert_equal "12345", json["uid"] + assert_equal "facebook", json["provider"] + assert_equal "josevalim", json["user_info"]["nickname"] + assert_equal FACEBOOK_INFO, json["extra"]["user_hash"].symbolize_keys + assert_equal "plataformatec", json["credentials"]["token"] + end + + test "cleans up session on sign up" do + assert_no_difference "User.count" do + visit "/users/sign_in" + click_link "Sign in with Facebook" + end + + assert session["devise.facebook_data"] + + assert_difference "User.count" do + visit "/users/sign_up" + fill_in "Password", :with => "123456" + fill_in "Password confirmation", :with => "123456" + click_button "Sign up" + end + + assert_current_url "/" + assert_contain "You have signed up successfully." 
+ assert_contain "Hello User user@example.com" + assert_not session["devise.facebook_data"] + end + + test "cleans up session on cancel" do + assert_no_difference "User.count" do + visit "/users/sign_in" + click_link "Sign in with Facebook" + end + + assert session["devise.facebook_data"] + visit "/users/cancel" + assert !session["devise.facebook_data"] + end + + test "cleans up session on sign in" do + assert_no_difference "User.count" do + visit "/users/sign_in" + click_link "Sign in with Facebook" + end + + assert session["devise.facebook_data"] + user = sign_in_as_user + assert !session["devise.facebook_data"] + end + + # test "[FAILURE] shows 404 if no code or error are given as params" do + # assert_raise AbstractController::ActionNotFound do + # visit "/users/oauth/facebook/callback" + # end + # end + # + # test "[FAILURE] raises an error if model does not implement a hook" do + # begin + # visit "/users/oauth/github/callback?code=123456" + # raise "Expected visit to raise an error" + # rescue Exception => e + # assert_match "User does not respond to find_for_github_oauth", e.message + # end + # end + # + # test "[FAILURE] handles callback error parameter according to the specification" do + # visit "/users/oauth/facebook/callback?error=access_denied" + # assert_current_url "/users/sign_in" + # assert_contain 'Could not authorize you from Facebook because "Access denied".' + # end + # + # test "[FAILURE] handles callback error_reason just for Facebook compatibility" do + # visit "/users/oauth/facebook/callback?error_reason=access_denied" + # assert_current_url "/users/sign_in" + # assert_contain 'Could not authorize you from Facebook because "Access denied".' 
+ # end + # + # test "[FAILURE][I18N] uses I18n for custom messages" do + # visit "/users/oauth/facebook/callback?error=access_denied" + # assert_current_url "/users/sign_in" + # assert_contain 'Could not authorize you from Facebook because "Access denied"' + # end + # + # test "[FAILURE][I18N] uses I18n with oauth callback scope for custom messages" do + # store_translations :en, :devise => { :oauth_callbacks => { + # :facebook => { :failure => "Access denied bro" } } } do + # visit "/users/oauth/facebook/callback?error=access_denied" + # assert_current_url "/users/sign_in" + # assert_contain "Access denied bro" + # end + # end + # + # test "[FAILURE][I18N] uses I18n with oauth callback scope and resource name for custom messages" do + # store_translations :en, :devise => { :oauth_callbacks => { + # :user => { :facebook => { :failure => "Access denied user" } }, + # :facebook => { :failure => "Access denied bro" } } } do + # visit "/users/oauth/facebook/callback?error=access_denied" + # assert_current_url "/users/sign_in" + # assert_contain "Access denied user" + # end + # end +end \ No newline at end of file diff --git a/test/integration/registerable_test.rb b/test/integration/registerable_test.rb index a5f2fc9c..e7f32411 100644 --- a/test/integration/registerable_test.rb +++ b/test/integration/registerable_test.rb @@ -29,7 +29,6 @@ class RegistrationTest < ActionController::IntegrationTest click_button 'Sign up' assert_contain 'You have signed up successfully. However, we could not sign you in because your account is unconfirmed.' - assert_contain 'Sign in' assert_not_contain 'You have to confirm your account before continuing' assert_not warden.authenticated?(:user) 
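Review bot: The `[FAILURE]` cases at the end of omniauthable_test.rb are added commented out, so no integration test visible here exercises a denied or malformed provider callback. They still reference the old `/users/oauth/...` paths and `:oauth_callbacks` translations, so they cannot simply be re-enabled. Porting at least the `error=access_denied` case to `/users/auth/facebook/callback`, or replacing the block with a single `# TODO: port failure-callback tests to OmniAuth` line, would keep the gap visible. In `cleans up session on sign in` the local `user = sign_in_as_user` is never read. The file also mixes `assert_not` with `assert !`; using `assert_not session["devise.facebook_data"]` throughout would be consistent.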
@@ -168,13 +167,13 @@ class RegistrationTest < ActionController::IntegrationTest test 'a user should be able to cancel sign up by deleting data in the session' do get "/set" - assert_equal "something", @request.session["user_provider_oauth_token"] + assert_equal "something", @request.session["devise.foo_bar"] get "/users/sign_up" - assert_equal "something", @request.session["user_provider_oauth_token"] + assert_equal "something", @request.session["devise.foo_bar"] get "/users/cancel" - assert_nil @request.session["user_provider_oauth_token"] + assert_nil @request.session["devise.foo_bar"] assert_redirected_to new_user_registration_path end end diff --git a/test/mapping_test.rb b/test/mapping_test.rb index 921f8883..5caa08b7 100644 --- a/test/mapping_test.rb +++ b/test/mapping_test.rb @@ -90,6 +90,6 @@ class MappingTest < ActiveSupport::TestCase assert mapping.recoverable? assert mapping.lockable? assert_not mapping.confirmable? - assert_not mapping.oauthable? + assert_not mapping.omniauthable? end end diff --git a/test/models/oauthable_test.rb b/test/models/oauthable_test.rb deleted file mode 100644 index 58a781ad..00000000 --- a/test/models/oauthable_test.rb +++ /dev/null @@ -1,21 +0,0 @@ -require 'test_helper' - -class OauthableTest < ActiveSupport::TestCase - teardown { Devise::Oauth.reset_stubs! } - - test "oauth_configs returns all configurations relative to that model" do - swap User, :oauth_providers => [:github] do - assert_equal User.oauth_configs, Devise.oauth_configs.slice(:github) - end - end - - test "oauth_access_token returns the token object for the given provider" do - Devise::Oauth.stub!(:facebook) do |b| - b.get('/me?access_token=plataformatec') { [200, {}, {}.to_json] } - end - - access_token = User.oauth_access_token(:facebook, "plataformatec") - assert_kind_of OAuth2::AccessToken, access_token - assert_equal "{}", access_token.get("/me") - end -end \ No newline at end of file 
diff --git a/test/omniauth/config_test.rb b/test/omniauth/config_test.rb deleted file mode 100644 index b800b104..00000000 --- a/test/omniauth/config_test.rb +++ /dev/null @@ -1,44 +0,0 @@ -require 'test_helper' - -class OmniAuthConfigTest < ActiveSupport::TestCase - ACCESS_TOKEN = { - :access_token => "plataformatec" - } - - setup { @config = Devise.omniauth_configs[:facebook] } - teardown { Devise::Omniauth.reset_stubs! } - - test "stored OAuth2::Client" do - assert_kind_of OAuth2::Client, @config.client - end - - test "build authorize url" do - url = @config.authorize_url(:redirect_uri => "foo") - assert_match "https://graph.facebook.com/oauth/authorize?", url - assert_match "scope=email%2Coffline_access", url - assert_match "client_id=APP_ID", url - assert_match "type=web_server", url - assert_match "redirect_uri=foo", url - end - - test "retrieves access token object by code" do - Devise::Oauth.stub!(:facebook) do |b| - b.post('/oauth/access_token') { [200, {}, ACCESS_TOKEN.to_json] } - b.get('/me?access_token=plataformatec') { [200, {}, {}.to_json] } - end - - access_token = @config.access_token_by_code("12345") - assert_kind_of OAuth2::AccessToken, access_token - assert_equal "{}", access_token.get("/me") - end - - test "retrieves access token object by token" do - Devise::Oauth.stub!(:facebook) do |b| - b.get('/me?access_token=plataformatec') { [200, {}, {}.to_json] } - end - - access_token = @config.access_token_by_token("plataformatec") - assert_kind_of OAuth2::AccessToken, access_token - assert_equal "{}", access_token.get("/me") - end -end \ No newline at end of file diff --git a/test/omniauth/url_helpers_test.rb b/test/omniauth/url_helpers_test.rb index afc6d1fd..8a7996b7 100644 --- a/test/omniauth/url_helpers_test.rb +++ b/test/omniauth/url_helpers_test.rb 
@@ -3,45 +3,35 @@ require 'test_helper' class OmniAuthRoutesTest < ActionController::TestCase tests ApplicationController - def assert_path_and_url(action, provider) + def assert_path(action, provider, with_param=true) # Resource param assert_equal @controller.send(action, :user, provider), @controller.send("user_#{action}", provider) - # Default url params - assert_equal @controller.send(action, :user, provider, :param => 123), - @controller.send("user_#{action}", provider, :param => 123) - # With an object - assert_equal @controller.send(action, User.new, provider, :param => 123), - @controller.send("user_#{action}", provider, :param => 123) + assert_equal @controller.send(action, User.new, provider), + @controller.send("user_#{action}", provider) + + if with_param + # Default url params + assert_equal @controller.send(action, :user, provider, :param => 123), + @controller.send("user_#{action}", provider, :param => 123) + end end test 'should alias omniauth_callback to mapped user auth_callback' do - assert_path_and_url :omniauth_callback_path, :github - assert_path_and_url :omniauth_callback_url, :github - assert_path_and_url :omniauth_callback_path, :facebook - assert_path_and_url :omniauth_callback_url, :facebook + assert_path :omniauth_callback_path, :facebook end test 'should alias omniauth_authorize to mapped user auth_authorize' do - assert_path_and_url :omniauth_authorize_url, :github - assert_path_and_url :omniauth_authorize_url, :facebook + assert_path :omniauth_authorize_path, :facebook, false end - test 'should adds scope, provider and redirect_uri to authorize urls' do - url = @controller.omniauth_authorize_url(:user, :github) - assert_match "https://github.com/login/omniauth/authorize?", url - assert_match "scope=user%2Cpublic_repo", url - assert_match "client_id=APP_ID", url - assert_match "type=web_server", url - assert_match "redirect_uri=http%3A%2F%2Ftest.host%2Fusers%2Fomniauth%2Fgithub%2Fcallback", url + test 'should generate authorization 
path' do + assert_match "/users/auth/facebook", @controller.omniauth_authorize_path(:user, :facebook) - url = @controller.omniauth_authorize_url(:user, :facebook) - assert_match "https://graph.facebook.com/omniauth/authorize?", url - assert_match "scope=email%2Coffline_access", url - assert_match "client_id=APP_ID", url - assert_match "type=web_server", url - assert_match "redirect_uri=http%3A%2F%2Ftest.host%2Fusers%2Fomniauth%2Ffacebook%2Fcallback", url + assert_raise ArgumentError do + @controller.omniauth_authorize_path(:user, :github) + end end end diff --git a/test/rails_app/app/controllers/home_controller.rb b/test/rails_app/app/controllers/home_controller.rb index 28412b83..e95e9a1a 100644 --- a/test/rails_app/app/controllers/home_controller.rb +++ b/test/rails_app/app/controllers/home_controller.rb @@ -6,7 +6,7 @@ class HomeController < ApplicationController end def set - session["user_provider_oauth_token"] = "something" + session["devise.foo_bar"] = "something" head :ok end end diff --git a/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb b/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb index 45216ff4..81cb8068 100644 --- a/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb +++ b/test/rails_app/app/controllers/users/omniauth_callbacks_controller.rb @@ -1,7 +1,7 @@ class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController def facebook data = env["omniauth.auth"] - session["devise.facebook_data"] = data + session["devise.facebook_data"] = data["extra"]["user_hash"] render :json => data end end \ No newline at end of file diff --git a/test/rails_app/app/views/home/index.html.erb b/test/rails_app/app/views/home/index.html.erb index cbf51378..7272a5af 100644 --- a/test/rails_app/app/views/home/index.html.erb +++ b/test/rails_app/app/views/home/index.html.erb 
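Review bot: The `facebook` action in the test app's Users::OmniauthCallbacksController responds with `render :json => data`, i.e. the complete `omniauth.auth` hash including `credentials.token`, and nothing marks it as a test fixture. A comment above the action such as `# Test fixture only: echoes the auth hash (credentials included) so the integration test can inspect it.` would keep it from being copied into an application. `data["extra"]["user_hash"]` also raises NoMethodError when the provider hash has no `extra` entry; `session["devise.facebook_data"] = data["extra"] && data["extra"]["user_hash"]` avoids that.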
@@ -1,5 +1 @@ -Home! - -<%- User.oauth_providers.each do |provider| %> - <%= link_to "Sign in with #{provider.to_s.titleize}", user_oauth_authorize_url(provider) %>
-<% end -%> \ No newline at end of file +Home! \ No newline at end of file diff --git a/test/rails_app/config/initializers/devise.rb b/test/rails_app/config/initializers/devise.rb index a62a4d4e..0b0b549a 100644 --- a/test/rails_app/config/initializers/devise.rb +++ b/test/rails_app/config/initializers/devise.rb @@ -149,15 +149,7 @@ Devise.setup do |config| # config.sign_out_via = :get # ==> OmniAuth - config.omniauth :github, 'APP_ID', 'APP_SECRET', - :site => 'https://github.com/', - :authorize_path => '/login/oauth/authorize', - :access_token_path => '/login/oauth/access_token', - :scope => 'user,public_repo' - - config.omniauth :facebook, 'APP_ID', 'APP_SECRET', - :site => 'https://graph.facebook.com/', - :scope => 'email,offline_access' + config.omniauth :facebook, 'APP_ID', 'APP_SECRET', :scope => 'email,offline_access' # ==> Warden configuration # If you want to use other strategies, that are not supported by Devise, or diff --git a/test/rails_app/config/routes.rb b/test/rails_app/config/routes.rb index adfe006a..35387812 100644 --- a/test/rails_app/config/routes.rb +++ b/test/rails_app/config/routes.rb @@ -30,11 +30,11 @@ Rails.application.routes.draw do # Other routes for routing_test.rb namespace :publisher, :path_names => { :sign_in => "i_dont_care", :sign_out => "get_out" } do - devise_for :accounts, :class_name => "User", :path_names => { :sign_in => "get_in" } + devise_for :accounts, :class_name => "Admin", :path_names => { :sign_in => "get_in" } end scope ":locale" do - devise_for :accounts, :singular => "manager", :class_name => "User", + devise_for :accounts, :singular => "manager", :class_name => "Admin", :path_names => { :sign_in => "login", :sign_out => "logout", :password => "secret", :confirmation => "verification", 
@@ -44,9 +44,9 @@ Rails.application.routes.draw do end namespace :sign_out_via, :module => "devise" do - devise_for :deletes, :sign_out_via => :delete, :class_name => "User" - devise_for :posts, :sign_out_via => :post, :class_name => "User" - devise_for :delete_or_posts, :sign_out_via => [:delete, :post], :class_name => "User" + devise_for :deletes, :sign_out_via => :delete, :class_name => "Admin" + devise_for :posts, :sign_out_via => :post, :class_name => "Admin" + devise_for :delete_or_posts, :sign_out_via => [:delete, :post], :class_name => "Admin" end match "/set", :to => "home#set" diff --git a/test/rails_app/lib/shared_user.rb b/test/rails_app/lib/shared_user.rb index 42862208..eca7463d 100644 --- a/test/rails_app/lib/shared_user.rb +++ b/test/rails_app/lib/shared_user.rb @@ -14,8 +14,8 @@ module SharedUser def new_with_session(params, session) super.tap do |user| if data = session["devise.facebook_data"] - user.username = data["nickname"] - user.email = data["email"] + user.email = data["email"] + user.confirmed_at = Time.now end end end diff --git a/test/routes_test.rb b/test/routes_test.rb index 05613f19..2580d2e5 100644 --- a/test/routes_test.rb +++ b/test/routes_test.rb 
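Review bot: `new_with_session` in test/rails_app/lib/shared_user.rb now sets `user.confirmed_at = Time.now` whenever `session["devise.facebook_data"]` is present, which treats the provider-supplied `email` as verified without any check visible in this hunk. Since this module is the sample model for the test app, a comment would make the assumption explicit: `# Skips confirmation: assumes the provider has already verified data["email"].` If the provider can return an unverified or missing email, the assignment should be conditional, e.g. `user.confirmed_at = Time.now if data["email"].present?`. The module body continues outside the hunk.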
@@ -91,15 +91,12 @@ class DefaultRoutingTest < ActionController::TestCase assert_named_route "/users/cancel", :cancel_user_registration_path end - test 'map oauth callbacks' do - assert_recognizes({:controller => 'devise/oauth_callbacks', :action => 'facebook'}, {:path => 'users/oauth/facebook/callback', :method => :get}) - assert_named_route "/users/oauth/facebook/callback", :user_oauth_callback_path, :facebook - - assert_recognizes({:controller => 'devise/oauth_callbacks', :action => 'github'}, {:path => 'users/oauth/github/callback', :method => :get}) - assert_named_route "/users/oauth/github/callback", :user_oauth_callback_path, :github + test 'map omniauth callbacks' do + assert_recognizes({:controller => 'users/omniauth_callbacks', :action => 'facebook'}, {:path => 'users/auth/facebook/callback', :method => :get}) + assert_named_route "/users/auth/facebook/callback", :user_omniauth_callback_path, :facebook assert_raise ActionController::RoutingError do - assert_recognizes({:controller => 'devise/oauth_callbacks', :action => 'twitter'}, {:path => 'users/oauth/twitter/callback', :method => :get}) + assert_recognizes({:controller => 'ysers/omniauth_callbacks', :action => 'twitter'}, {:path => 'users/auth/twitter/callback', :method => :get}) end end 
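Review bot: The controller name in the negative assertion of `map omniauth callbacks` is misspelled as `'ysers/omniauth_callbacks'`. The test presumably still passes because the `twitter` path is not routed at all, but the expectation no longer says what it means. It should read `assert_recognizes({:controller => 'users/omniauth_callbacks', :action => 'twitter'}, {:path => 'users/auth/twitter/callback', :method => :get})`.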
@@ -137,14 +134,6 @@ class CustomizedRoutingTest < ActionController::TestCase assert_recognizes({:controller => 'devise/passwords', :action => 'new', :locale => 'en'}, '/en/accounts/secret/new') end - test 'map account with custom path name for confirmation' do - assert_recognizes({:controller => 'devise/confirmations', :action => 'new', :locale => 'en'}, '/en/accounts/verification/new') - end - - test 'map account with custom path name for unlock' do - assert_recognizes({:controller => 'devise/unlocks', :action => 'new', :locale => 'en'}, '/en/accounts/unblock/new') - end - test 'map account with custom path name for registration' do assert_recognizes({:controller => 'devise/registrations', :action => 'new', :locale => 'en'}, '/en/accounts/management/register') end diff --git a/test/test_helper.rb b/test/test_helper.rb index 051029f6..4b1d339b 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -16,7 +16,7 @@ Webrat.configure do |config| config.open_error_files = false end -Devise::Oauth.test_mode! +Devise::OmniAuth.test_mode! # Add support to load paths so we can overwrite broken webrat setup $:.unshift File.expand_path('../support', __FILE__)