suzanne.soy/travis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0d2188b5b2
travis-api/spec/unit/endpoint/authorization_spec.rb
Konstantin Haase 0d2188b5b2 fix specs
2013-04-24 16:59:26 +02:00

69 lines
2.3 KiB
Ruby
Raw Blame History

require 'spec_helper'
describe Travis::Api::App::Endpoint::Authorization do
include Travis::Testing::Stubs
before do
add_endpoint '/info' do
get '/login', scope: :private do
env['travis.access_token'].user.login
end
end
user.stubs(:github_id).returns(42)
User.stubs(:find_github_id).returns(user)
User.stubs(:find).returns(user)
end
describe 'GET /auth/authorize' do
pending "not yet implemented"
end
describe 'POST /auth/access_token' do
pending "not yet implemented"
end
describe 'POST /auth/github' do
before do
data = { 'id' => user.github_id, 'name' => user.name, 'login' => user.login, 'gravatar_id' => user.gravatar_id }
GH.stubs(:with).with(token: 'private repos', client_id: nil).returns stub(:[] => user.login, :headers => {'x-oauth-scopes' => 'repo'}, :to_hash => data)
GH.stubs(:with).with(token: 'public repos', client_id: nil).returns stub(:[] => user.login, :headers => {'x-oauth-scopes' => 'public_repo'}, :to_hash => data)
GH.stubs(:with).with(token: 'no repos', client_id: nil).returns stub(:[] => user.login, :headers => {'x-oauth-scopes' => 'user'}, :to_hash => data)
GH.stubs(:with).with(token: 'invalid token', client_id: nil).raises(Faraday::Error::ClientError, 'CLIENT ERROR!')
end
def get_token(github_token)
post('/auth/github', github_token: github_token).should be_ok
parsed_body['access_token']
end
def user_for(github_token)
get '/info/login', access_token: get_token(github_token)
last_response.status.should == 200
user if user.login == body
end
it 'accepts tokens with repo scope' do
user_for('private repos').name.should == user.name
end
it 'accepts tokens with public_repo scope' do
user_for('public repos').name.should == user.name
end
it 'rejects tokens with user scope' do
post('/auth/github', github_token: 'no repos').should_not be_ok
body.should_not include('access_token')
end
it 'rejects tokens with user scope' do
post('/auth/github', github_token: 'invalid token').should_not be_ok
body.should_not include('access_token')
end
it 'does not store the token' do
user_for('public repos').github_oauth_token.should_not == 'public repos'
end
end
end
Reference in New Issue View Git Blame Copy Permalink