add travis_token scope

Konstantin Haase 2012-12-12 17:11:25 +01:00
parent 8669420f04
commit bc1c960c20
4 changed files with 36 additions and 2 deletions


@ -45,7 +45,7 @@ GIT
GIT GIT
remote: git://github.com/travis-ci/travis-core.git remote: git://github.com/travis-ci/travis-core.git
revision: 751da684a3c44b2c493ebc41e9b38ff8edd5cef8 revision: 500daa4a822d09783f5e64dbc196275770f2570e
specs: specs:
travis-core (0.0.1) travis-core (0.0.1)
actionmailer (~> 3.2.3) actionmailer (~> 3.2.3)


@ -10,7 +10,13 @@ class Travis::Api::App
new(options).tap(&:save) new(options).tap(&:save)
end end
def self.for_travis_token(travis_token, options = {})
travis_token = Token.find_by_token(travis_token) unless travis_token.respond_to? :user
new(scope: :travis_token, app_id: 1, user: travis_token.user).tap(&:save) if travis_token
end
def self.find_by_token(token) def self.find_by_token(token)
return token if token.is_a? self
user_id, app_id, *scopes = redis.lrange(key(token), 0, -1) user_id, app_id, *scopes = redis.lrange(key(token), 0, -1)
new(token: token, scopes: scopes, user_id: user_id, app_id: app_id) if user_id new(token: token, scopes: scopes, user_id: user_id, app_id: app_id) if user_id
end end
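Review bot: `for_travis_token` accepts `options = {}` but never reads it, and it hard-codes `app_id: 1` without saying what that id stands for. If ignoring caller options is deliberate, so that a session derived from a travis token can never carry more than the `:travis_token` scope, state that in a comment such as `# scope and app_id are fixed here; callers must not be able to widen a travis-token session`, or drop the parameter. The method also calls `save` on every invocation, and the middleware in this commit calls it once per request, so each request carrying `token=` appears to persist a new access token. Whether those entries expire is not visible in this hunk and is worth confirming. The class body starts and ends outside the hunk.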


@ -19,11 +19,16 @@ class Travis::Api::App
end end
def token def token
@token ||= header_token || query_token @token ||= header_token || query_token || travis_token
end end
private private
def travis_token
return unless token = params[:token]
AccessToken.for_travis_token(token) || ""
end
def query_token def query_token
params[:access_token] if params[:access_token] and not params[:access_token].empty? params[:access_token] if params[:access_token] and not params[:access_token].empty?
end end
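Review bot: `travis_token` hands `params[:token]` to `AccessToken.for_travis_token` without checking its type or emptiness, unlike `query_token` just below, which at least rejects an empty value. Nested query parameters can make `params[:token]` a Hash or an Array, and that value then reaches `Token.find_by_token`, where a finder may treat a non-string argument differently from a plain token lookup. Constrain it before the lookup, e.g. `token = params[:token]` followed by `return unless token.is_a?(String) && !token.empty?`. The `|| ""` fallback looks intended to make a supplied-but-unknown token fail instead of falling through to anonymous access; a short comment would make that explicit, e.g. `# "" marks a token that was supplied but is invalid, so the request is rejected`.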


@ -41,6 +41,29 @@ describe Travis::Api::App::Middleware::ScopeCheck do
end end
end end
describe 'with travis token' do
let(:travis_token) { stub_travis_token(user: user) }
let(:token) { travis_token.token }
before do
Token.stubs(:find_by_token).with(travis_token.token).returns(travis_token)
Token.stubs(:find_by_token).with("invalid").returns(nil)
end
it 'accepts a valid travis token' do
get('/', token: token).should be_ok
end
it 'rejects an invalid travis token' do
get('/', token: token)
headers['X-OAuth-Scopes'].should == 'travis_token'
end
it 'sets the scope to travis_token' do
get('/', token: "invalid").should_not be_ok
end
end
describe 'reject requests with an invalide token' do describe 'reject requests with an invalide token' do
it 'rejects Authorization token header' do it 'rejects Authorization token header' do
get('/', {}, 'HTTP_AUTHORIZATION' => "token foo").should_not be_ok get('/', {}, 'HTTP_AUTHORIZATION' => "token foo").should_not be_ok
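Review bot: The last two examples in the new 'with travis token' group have their descriptions swapped: `it 'rejects an invalid travis token'` sends the valid token and asserts the `X-OAuth-Scopes` header, while `it 'sets the scope to travis_token'` sends `"invalid"` and asserts the response is not ok. Exchange the two strings so that a failure report names the behaviour that actually broke; this matters here because the rejection path is the security-relevant one. The rejection example would also be stronger if it asserted the expected status code and not only `should_not be_ok`, and a case for an empty `token` parameter would cover the path where `travis_token` receives a blank value.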