Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion lib/sorcery/test_helpers/internal.rb
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ def destroy
end

def build_new_user(attributes_hash = nil)
user_attributes_hash = attributes_hash || { username: 'gizmo', email: 'bla@bla.com', password: 'secret' }
user_attributes_hash = attributes_hash || { username: 'gizmo', email: 'bla@example.com', password: 'secret' }
@user = User.new(user_attributes_hash)
end

Expand Down
8 changes: 4 additions & 4 deletions spec/controllers/controller_brute_force_protection_spec.rb
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
require 'spec_helper'

describe SorceryController, type: :controller do
let!(:user) { User.create!(username: 'test_user', email: 'bla@bla.com', password: 'password') }
let!(:user) { User.create!(username: 'test_user', email: 'bla@example.com', password: 'password') }

def request_test_login
get :test_login, params: { email: 'bla@bla.com', password: 'blabla' }
get :test_login, params: { email: 'bla@example.com', password: 'blabla' }
end

# ----------------- BRUTE FORCE PROTECTION -----------------------
Expand All @@ -20,7 +20,7 @@ def request_test_login

it 'counts login retries' do
allow(User).to receive(:authenticate) { |&block| block.call(nil, :other) }
allow(User.sorcery_adapter).to receive(:find_by_credentials).with(['bla@bla.com', 'blabla']).and_return(user)
allow(User.sorcery_adapter).to receive(:find_by_credentials).with(['bla@example.com', 'blabla']).and_return(user)

expect(user).to receive(:register_failed_login!).exactly(3).times

Expand All @@ -33,7 +33,7 @@ def request_test_login

allow(User).to receive(:authenticate) { |&block| block.call(user, nil) }

get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
get :test_login, params: { email: 'bla@example.com', password: 'secret' }

user.reload
expect(user.failed_logins_count).to eq(0)
Expand Down
8 changes: 4 additions & 4 deletions spec/controllers/controller_http_basic_auth_spec.rb
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
require 'spec_helper'

describe SorceryController, type: :controller do
let!(:user) { User.create!(username: 'test_user', email: 'bla@bla.com', password: 'password') }
let!(:user) { User.create!(username: 'test_user', email: 'bla@example.com', password: 'password') }

describe 'with http basic auth features' do
before(:all) do
Expand All @@ -22,15 +22,15 @@

it 'authenticates from http basic if credentials are sent' do
@request.env['HTTP_AUTHORIZATION'] = "Basic #{Base64.encode64("#{user.email}:secret")}"
expect(User).to receive('authenticate').with('bla@bla.com', 'secret').and_return(user)
expect(User).to receive('authenticate').with('bla@example.com', 'secret').and_return(user)
get :test_http_basic_auth, params: {}, session: { http_authentication_used: true }

expect(response).to be_successful
end

it 'fails authentication if credentials are wrong' do
@request.env['HTTP_AUTHORIZATION'] = "Basic #{Base64.encode64("#{user.email}:wrong!")}"
expect(User).to receive('authenticate').with('bla@bla.com', 'wrong!').and_return(nil)
expect(User).to receive('authenticate').with('bla@example.com', 'wrong!').and_return(nil)
get :test_http_basic_auth, params: {}, session: { http_authentication_used: true }

expect(response).to redirect_to root_url
Expand All @@ -51,7 +51,7 @@

it "signs in the user's session on successful login" do
@request.env['HTTP_AUTHORIZATION'] = "Basic #{Base64.encode64("#{user.email}:secret")}"
expect(User).to receive('authenticate').with('bla@bla.com', 'secret').and_return(user)
expect(User).to receive('authenticate').with('bla@example.com', 'secret').and_return(user)

get :test_http_basic_auth, params: {}, session: { http_authentication_used: true }

Expand Down
102 changes: 51 additions & 51 deletions spec/controllers/controller_oauth2_spec.rb

Large diffs are not rendered by default.

22 changes: 11 additions & 11 deletions spec/controllers/controller_oauth_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,15 @@
# require 'shared_examples/controller_oauth_shared_examples'

def stub_all_oauth_requests!
consumer = OAuth::Consumer.new('key', 'secret', site: 'http://myapi.com')
consumer = OAuth::Consumer.new('key', 'secret', site: 'http://api.example.com')
req_token = OAuth::RequestToken.new(consumer)
acc_token = OAuth::AccessToken.new(consumer)

response = Object.new
def response.body
{
'following' => false, 'listed_count' => 0, 'profile_link_color' => '0084B4',
'profile_image_url' => 'http://a1.twimg.com/profile_images/536178575/noamb_normal.jpg',
'profile_image_url' => 'http://media.example.com/profile_images/536178575/noamb_normal.jpg',
'description' => 'Programmer/Heavy Metal Fan/New Father',
'status' => {
'text' => 'coming soon to sorcery gem: twitter and facebook authentication support.',
Expand All @@ -27,7 +27,7 @@ def response.body
'screen_name' => 'nbenari', 'profile_use_background_image' => true, 'location' => 'Israel',
'statuses_count' => 25, 'profile_background_color' => '022330', 'lang' => 'en',
'verified' => false, 'notifications' => false,
'profile_background_image_url' => 'http://a3.twimg.com/profile_background_images/104087198/04042010339.jpg',
'profile_background_image_url' => 'http://media.example.com/profile_background_images/104087198/04042010339.jpg',
'favourites_count' => 5, 'created_at' => 'Fri Nov 20 21:58:19 +0000 2009',
'is_translator' => false, 'contributors_enabled' => false, 'protected' => false,
'follow_request_sent' => false, 'time_zone' => 'Greenland', 'profile_text_color' => '333333',
Expand All @@ -54,14 +54,14 @@ def response.body
sorcery_controller_property_set(:external_providers, %i[twitter jira])
sorcery_controller_external_property_set(:twitter, :key, 'eYVNBjBDi33aa9GkA3w')
sorcery_controller_external_property_set(:twitter, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://example.com')

sorcery_controller_external_property_set(:jira, :key, '7810b8e317ebdc81601c72f8daecc0f1')
sorcery_controller_external_property_set(:jira, :secret, 'MyAppUsingJira')
sorcery_controller_external_property_set(:jira, :site, 'http://jira.mycompany.com/plugins/servlet/oauth')
sorcery_controller_external_property_set(:jira, :site, 'http://jira.example.com/plugins/servlet/oauth')
sorcery_controller_external_property_set(:jira, :signature_method, 'RSA-SHA1')
sorcery_controller_external_property_set(:jira, :private_key_file, 'myrsakey.pem')
sorcery_controller_external_property_set(:jira, :callback_url, 'http://myappusingjira.com/home')
sorcery_controller_external_property_set(:jira, :callback_url, 'http://app.example.com/home')
end

# ----------------- OAuth -----------------------
Expand All @@ -71,7 +71,7 @@ def response.body
end

after do
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://example.com')
sorcery_controller_external_property_set(:twitter, :original_callback_url, nil)
end

Expand All @@ -83,19 +83,19 @@ def response.body
it 'login_at redirects correctly' do
get :login_at_test
expect(response).to be_a_redirect
expect(response).to redirect_to('http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=')
expect(response).to redirect_to('http://api.example.com/oauth/authorize?oauth_callback=http%3A%2F%2Ftest.host%2Foauth%2Ftwitter%2Fcallback&oauth_token=')
end
end

context 'when callback_url begins with http://' do
before do
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com/oauth/twitter/callback')
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://example.com/oauth/twitter/callback')
end

it 'login_at redirects correctly' do
get :login_at_test
expect(response).to be_a_redirect
expect(response).to redirect_to('http://myapi.com/oauth/authorize?oauth_callback=http%3A%2F%2Fblabla.com%2Foauth%2Ftwitter%2Fcallback&oauth_token=')
expect(response).to redirect_to('http://api.example.com/oauth/authorize?oauth_callback=http%3A%2F%2Fexample.com%2Foauth%2Ftwitter%2Fcallback&oauth_token=')
end
end

Expand Down Expand Up @@ -163,7 +163,7 @@ def response.body
sorcery_model_property_set(:authentications_class, UserProvider)

allow(user).to receive_message_chain(:sorcery_config, :username_attribute_names, :first) { :username }
allow(user).to receive(:username).and_return('bla@bla.com')
allow(user).to receive(:username).and_return('bla@example.com')
login_user(user)

expect(user).to receive(:add_provider_to_user).with('twitter', '123')
Expand Down
12 changes: 6 additions & 6 deletions spec/controllers/controller_remember_me_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,10 @@
end

it 'sets cookie on remember_me!' do
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret') { |&block| block.call(user, nil) }
expect(User).to receive(:authenticate).with('bla@example.com', 'secret') { |&block| block.call(user, nil) }
expect(user).to receive(:remember_me!)

post :test_login_with_remember, params: { email: 'bla@bla.com', password: 'secret' }
post :test_login_with_remember, params: { email: 'bla@example.com', password: 'secret' }

expect(cookies.signed['remember_me_token']).to eq assigns[:current_user].remember_me_token
end
Expand All @@ -39,11 +39,11 @@
end

it 'login(email,password,remember_me) logs user in and remembers' do
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret', '1') { |&block| block.call(user, nil) }
expect(User).to receive(:authenticate).with('bla@example.com', 'secret', '1') { |&block| block.call(user, nil) }
expect(user).to receive(:remember_me!)
expect(user).to receive(:remember_me_token).and_return('abracadabra').twice

post :test_login_with_remember_in_login, params: { email: 'bla@bla.com', password: 'secret', remember: '1' }
post :test_login_with_remember_in_login, params: { email: 'bla@example.com', password: 'secret', remember: '1' }

expect(cookies.signed['remember_me_token']).not_to be_nil
expect(cookies.signed['remember_me_token']).to eq assigns[:user].remember_me_token
Expand Down Expand Up @@ -76,13 +76,13 @@
end

it 'doest not remember_me! when not asked to, even if third parameter is used' do
post :test_login_with_remember_in_login, params: { email: 'bla@bla.com', password: 'secret', remember: '0' }
post :test_login_with_remember_in_login, params: { email: 'bla@example.com', password: 'secret', remember: '0' }

expect(cookies['remember_me_token']).to be_nil
end

it 'doest not remember_me! when not asked to' do
post :test_login, params: { email: 'bla@bla.com', password: 'secret' }
post :test_login, params: { email: 'bla@example.com', password: 'secret' }
expect(cookies['remember_me_token']).to be_nil
end

Expand Down
8 changes: 4 additions & 4 deletions spec/controllers/controller_session_timeout_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -115,9 +115,9 @@
it 'works if the session is stored as a string or a Time' do
session[:login_time] = Time.now.to_s
# TODO: ???
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret') { |&block| block.call(user, nil) }
expect(User).to receive(:authenticate).with('bla@example.com', 'secret') { |&block| block.call(user, nil) }

get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
get :test_login, params: { email: 'bla@example.com', password: 'secret' }

expect(session[:user_id]).not_to be_nil
expect(response).to be_successful
Expand All @@ -129,7 +129,7 @@
it 'does not logout if there was activity' do
sorcery_controller_property_set(:session_timeout_from_last_action, true)

get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
get :test_login, params: { email: 'bla@example.com', password: 'secret' }
Timecop.travel(Time.now.in_time_zone + 0.3)
get :test_should_be_logged_in

Expand All @@ -144,7 +144,7 @@

it "with 'session_timeout_from_last_action' logs out if there was no activity" do
sorcery_controller_property_set(:session_timeout_from_last_action, true)
get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
get :test_login, params: { email: 'bla@example.com', password: 'secret' }
Timecop.travel(Time.now.in_time_zone + 0.6)
get :test_should_be_logged_in

Expand Down
10 changes: 5 additions & 5 deletions spec/controllers/controller_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,8 @@
describe '#login' do
context 'when succeeds' do
before do
expect(User).to receive(:authenticate).with('bla@bla.com', 'secret') { |&block| block.call(user, nil) }
get :test_login, params: { email: 'bla@bla.com', password: 'secret' }
expect(User).to receive(:authenticate).with('bla@example.com', 'secret') { |&block| block.call(user, nil) }
get :test_login, params: { email: 'bla@example.com', password: 'secret' }
end

it 'assigns user to @user variable' do
Expand All @@ -67,8 +67,8 @@

context 'when fails' do
before do
expect(User).to receive(:authenticate).with('bla@bla.com', 'opensesame!').and_return(nil)
get :test_login, params: { email: 'bla@bla.com', password: 'opensesame!' }
expect(User).to receive(:authenticate).with('bla@example.com', 'opensesame!').and_return(nil)
get :test_login, params: { email: 'bla@example.com', password: 'opensesame!' }
end

it 'sets @user variable to nil' do
Expand Down Expand Up @@ -154,7 +154,7 @@

it 'on successful login the user is redirected to the url he originally wanted' do
session[:return_to_url] = 'http://test.host/some_action'
post :test_return_to, params: { email: 'bla@bla.com', password: 'secret' }
post :test_return_to, params: { email: 'bla@example.com', password: 'secret' }

expect(response).to redirect_to('http://test.host/some_action')
expect(flash[:notice]).to eq 'haha!'
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@
expect(lock_expires_at).not_to be_nil

Timecop.travel(Time.now.in_time_zone + 0.3)
User.authenticate('bla@bla.com', 'secret')
User.authenticate('bla@example.com', 'secret')

lock_expires_at = User.sorcery_adapter.find_by_id(user.id).lock_expires_at
expect(lock_expires_at).to be_nil
Expand Down
2 changes: 1 addition & 1 deletion spec/shared_examples/user_oauth_shared_examples.rb
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
sorcery_model_property_set(:authentications_class, Authentication)
sorcery_controller_external_property_set(:twitter, :key, 'eYVNBjBDi33aa9GkA3w')
sorcery_controller_external_property_set(:twitter, :secret, 'XpbeSdCoaKSmQGSeokz5qcUATClRW5u08QWNfv71N8')
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://blabla.com')
sorcery_controller_external_property_set(:twitter, :callback_url, 'http://example.com')
end

it "responds to 'load_from_provider'" do
Expand Down
8 changes: 4 additions & 4 deletions spec/shared_examples/user_shared_examples.rb
Original file line number Diff line number Diff line change
Expand Up @@ -170,7 +170,7 @@
end

it 'yields the proper error if no user exists' do
[nil, '', 'not@a.user'].each do |email|
[nil, '', 'doesnotexists@example.com'].each do |email|
User.authenticate(email, 'wrong!') do |user2, failure|
expect(user2).to be_nil
expect(failure).to eq :invalid_login
Expand Down Expand Up @@ -247,7 +247,7 @@ class Admin2 < User; end
end

it 'does not encrypt the password twice when a user is updated' do
user.email = 'blup@bla.com'
user.email = 'blup@example.com'
user.save

expect(
Expand Down Expand Up @@ -302,7 +302,7 @@ class Admin2 < User; end

describe 'password validation' do
let(:user_with_pass) do
create_new_user(username: 'foo_bar', email: 'foo@bar.com', password: 'foobar')
create_new_user(username: 'foo_bar', email: 'foo@example.com', password: 'foobar')
end

specify { expect(user_with_pass).to respond_to :valid_password? }
Expand Down Expand Up @@ -562,7 +562,7 @@ def self.matches?(crypted, *tokens)
end

it 'find_by_email works as expected' do
expect(User.sorcery_adapter.find_by_email('bla@bla.com')).to eq user
expect(User.sorcery_adapter.find_by_email('bla@example.com')).to eq user
end
end
end
Expand Down