blob: 553e90c20326532129af5caaeb09993047852cd6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
require 'spec_helper'
describe UserSessionsHelper do
describe 'generate_oauth_hmac' do
let (:salt) { 'a' }
let (:salt2) { 'b' }
let (:return_to) { 'b' }
it 'should return null if return_to is also null' do
expect(generate_oauth_hmac(salt, nil)).to be_nil
end
it 'should return not null if return_to is also not null' do
expect(generate_oauth_hmac(salt, return_to)).not_to be_nil
end
it 'should return different hmacs for different salts' do
secret1 = generate_oauth_hmac(salt, return_to)
secret2 = generate_oauth_hmac(salt2, return_to)
expect(secret1).not_to eq(secret2)
end
end
describe 'generate_oauth_state' do
let (:return_to) { 'b' }
it 'should return null if return_to is also null' do
expect(generate_oauth_state(nil)).to be_nil
end
it 'should return two different states for same return_to' do
state1 = generate_oauth_state(return_to)
state2 = generate_oauth_state(return_to)
expect(state1).not_to eq(state2)
end
end
describe 'get_ouath_state_return_to' do
let (:return_to) { 'a' }
let (:state) { generate_oauth_state(return_to) }
it 'should return return_to' do
expect(get_ouath_state_return_to(state)).to eq(return_to)
end
end
describe 'is_oauth_state_valid?' do
let (:return_to) { 'a' }
let (:state) { generate_oauth_state(return_to) }
let (:forged) { "forged#{state}" }
let (:invalid) { 'aa' }
let (:invalid2) { 'aa:bb' }
let (:invalid3) { 'aa:bb:' }
it 'should validate oauth state' do
expect(is_oauth_state_valid?(state)).to be_truthy
end
it 'should not validate forged state' do
expect(is_oauth_state_valid?(forged)).to be_falsey
end
it 'should not validate invalid state' do
expect(is_oauth_state_valid?(invalid)).to be_falsey
expect(is_oauth_state_valid?(invalid2)).to be_falsey
expect(is_oauth_state_valid?(invalid3)).to be_falsey
end
end
end
|