1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
require 'spec_helper.rb'
describe Rack::OAuth2::Server::Resource::BadRequest do
let(:error) { Rack::OAuth2::Server::Resource::BadRequest.new(:invalid_request) }
it { should be_a Rack::OAuth2::Server::Abstract::BadRequest }
describe '#finish' do
it 'should respond in JSON' do
status, headers, response = error.finish
status.should == 400
headers['Content-Type'].should == 'application/json'
response.should == ['{"error":"invalid_request"}']
end
end
end
describe Rack::OAuth2::Server::Resource::Unauthorized do
let(:error) { Rack::OAuth2::Server::Resource::Unauthorized.new(:invalid_token) }
let(:realm) { Rack::OAuth2::Server::Resource::DEFAULT_REALM }
it { should be_a Rack::OAuth2::Server::Abstract::Unauthorized }
describe '#scheme' do
it do
expect { error.scheme }.to raise_error(RuntimeError, 'Define me!')
end
end
context 'when scheme is defined' do
let :error_with_scheme do
e = error
e.instance_eval do
def scheme
:Scheme
end
end
e
end
describe '#finish' do
it 'should respond in JSON' do
status, headers, response = error_with_scheme.finish
status.should == 401
headers['Content-Type'].should == 'application/json'
headers['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\", error=\"invalid_token\""
response.should == ['{"error":"invalid_token"}']
end
context 'when error_code is not invalid_token' do
let(:error) { Rack::OAuth2::Server::Resource::Unauthorized.new(:something) }
it 'should have error_code in body but not in WWW-Authenticate header' do
status, headers, response = error_with_scheme.finish
headers['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\""
response.first.should include '"error":"something"'
end
end
context 'when no error_code is given' do
let(:error) { Rack::OAuth2::Server::Resource::Unauthorized.new }
it 'should have error_code in body but not in WWW-Authenticate header' do
status, headers, response = error_with_scheme.finish
headers['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\""
response.first.should == '{"error":"unauthorized"}'
end
end
context 'when realm is specified' do
let(:realm) { 'server.example.com' }
let(:error) { Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new(:something, nil, realm: realm) }
it 'should use given realm' do
status, headers, response = error_with_scheme.finish
headers['WWW-Authenticate'].should == "Scheme realm=\"#{realm}\""
response.first.should include '"error":"something"'
end
end
end
end
end
describe Rack::OAuth2::Server::Resource::Forbidden do
let(:error) { Rack::OAuth2::Server::Resource::Forbidden.new(:insufficient_scope) }
it { should be_a Rack::OAuth2::Server::Abstract::Forbidden }
describe '#finish' do
it 'should respond in JSON' do
status, headers, response = error.finish
status.should == 403
headers['Content-Type'].should == 'application/json'
response.should == ['{"error":"insufficient_scope"}']
end
end
context 'when scope option is given' do
let(:error) { Rack::OAuth2::Server::Resource::Bearer::Forbidden.new(:insufficient_scope, 'Desc', scope: [:scope1, :scope2]) }
it 'should have blank WWW-Authenticate header' do
status, headers, response = error.finish
response.first.should include '"scope":"scope1 scope2"'
end
end
end
describe Rack::OAuth2::Server::Resource::Bearer::ErrorMethods do
let(:bad_request) { Rack::OAuth2::Server::Resource::BadRequest }
let(:forbidden) { Rack::OAuth2::Server::Resource::Forbidden }
let(:redirect_uri) { 'http://client.example.com/callback' }
let(:default_description) { Rack::OAuth2::Server::Resource::ErrorMethods::DEFAULT_DESCRIPTION }
let(:env) { Rack::MockRequest.env_for("/authorize?client_id=client_id") }
let(:request) { Rack::OAuth2::Server::Resource::Request.new env }
describe 'bad_request!' do
it do
expect { request.bad_request! :invalid_request }.to raise_error bad_request
end
end
describe 'unauthorized!' do
it do
expect { request.unauthorized! :invalid_client }.to raise_error(RuntimeError, 'Define me!')
end
end
Rack::OAuth2::Server::Resource::ErrorMethods::DEFAULT_DESCRIPTION.keys.each do |error_code|
method = "#{error_code}!"
case error_code
when :invalid_request
describe method do
it "should raise Rack::OAuth2::Server::Resource::BadRequest with error = :#{error_code}" do
expect { request.send method }.to raise_error(bad_request) { |error|
error.error.should == error_code
error.description.should == default_description[error_code]
}
end
end
when :insufficient_scope
describe method do
it "should raise Rack::OAuth2::Server::Resource::Forbidden with error = :#{error_code}" do
expect { request.send method }.to raise_error(forbidden) { |error|
error.error.should == error_code
error.description.should == default_description[error_code]
}
end
end
else
describe method do
it do
expect { request.send method }.to raise_error(RuntimeError, 'Define me!')
end
end
end
end
end
|
