From 78253b6885f4da5181fc360064bc8c7a22f59c18 Mon Sep 17 00:00:00 2001
From: Ilya Zhitomirskiy <ilya@laptop.(none)>
Date: Wed, 15 Jun 2011 16:36:35 -0700
Subject: [PATCH] resetting the token instead if the app already exists, should
 move the lookup to be homepage url

---
 app/controllers/authorizations_controller.rb | 22 +++++++++++++-------
 features/oauth.feature                       | 16 +++++++++++++-
 features/step_definitions/oauth_steps.rb     |  2 +-
 3 files changed, 30 insertions(+), 10 deletions(-)

diff --git a/app/controllers/authorizations_controller.rb b/app/controllers/authorizations_controller.rb
index d0acde0eef..8cb37d130c 100644
--- a/app/controllers/authorizations_controller.rb
+++ b/app/controllers/authorizations_controller.rb
@@ -20,25 +20,24 @@ class AuthorizationsController < ApplicationController
   end
 
   def token
-    if(params[:type] == 'client_associate' && params[:manifest_url])
+    unless(params[:type] == 'client_associate' && params[:manifest_url])
+      render :text => "bad request", :status => 403
+      return
+    end
       manifest = JSON.parse(RestClient.get(params[:manifest_url]).body)
 
       message = verify(params[:signed_string], params[:signature], manifest['public_key'])
       unless message =='ok' 
         render :text => message, :status => 403
       else
-        client = OAuth2::Provider.client_class.create_from_manifest!(manifest)
+        client = OAuth2::Provider.client_class.create_or_reset_from_manifest!(manifest)
 
         render :json => {:client_id => client.oauth_identifier,
                          :client_secret => client.oauth_secret,
                          :expires_in => 0,
                          :flows_supported => "",
                         }
-
       end
-    else
-      render :text => "bad request", :status => 403
-    end
   end
 
   def index
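Review bot: `RestClient.get(params[:manifest_url])` still fetches whatever URL the request supplies, because the new guard clause only checks that the parameter is present. Before fetching, `token` should accept only http/https URLs and refuse hosts that resolve to loopback or internal addresses, otherwise the pod can be made to issue requests into its own network. A failed fetch or an unparsable body currently escapes as an unhandled exception; adding `rescue RestClient::Exception, JSON::ParserError` with `render :text => "bad request", :status => 403` keeps the failure path uniform. Now that the guard returns early, the lines below it can be dedented one level, and `unless message =='ok' ... else` reads better as `if message == 'ok'` with the branches swapped.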
@@ -84,7 +83,14 @@ class AuthorizationsController < ApplicationController
 end
 
 OAuth2::Provider.client_class.instance_eval do
-  def self.create_from_manifest! manifest
-    create!(manifest)
+  def self.create_or_reset_from_manifest! manifest
+    if obj = find_by_name(manifest['name'])
+      obj.oauth_identifier = OAuth2::Provider::Random.base62(16)
+      obj.oauth_secret = OAuth2::Provider::Random.base62(32)
+      obj.save!
+      obj
+    else
+      create!(manifest)
+    end
   end
 end
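Review bot: `find_by_name(manifest['name'])` keys the reset on a value taken from the manifest the caller pointed the pod at, and in `token` the signature is verified against `manifest['public_key']` from that same document. The check therefore shows only that the caller holds the key named in its own manifest, not that it is the application already registered under that name. A different manifest reusing the name would have the existing client's `oauth_identifier` and `oauth_secret` rotated and returned to it, cutting off the original application. The reset branch should require the signature to verify against the public key recorded when the client was first created (assuming `create!(manifest)` persists it, which is not visible here) and refuse otherwise; the commit subject already notes the lookup should move off the name. As a style point, `if obj = find_by_name(...)` reads like a mistyped `==`; `obj = find_by_name(manifest['name'])` followed by `if obj` is clearer.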
diff --git a/features/oauth.feature b/features/oauth.feature
index b67b2b814c..72dbfb26da 100644
--- a/features/oauth.feature
+++ b/features/oauth.feature
@@ -23,7 +23,7 @@ Feature: oauth
     Then I should be on "/account" on Chubbies
     Then I should see "No access token."
 
-  Scenario: Authorize Chubbies when Chubbies is already registeded
+  Scenario: Authorize Chubbies when Chubbies is already connected
     Given Chubbies is registered on my pod
     When I try to authorize Chubbies
     And there is only one Chubbies
@@ -32,6 +32,20 @@ Feature: oauth
     Then I should be on "/account" on Chubbies
     And I should see my "profile.birthday"
     And I should see my "name"
+
+  Scenario: Authorize Chubbies when the pod knows about Chubbies
+    Given Chubbies is registered on my pod
+    When I try to authorize Chubbies
+    And I visit "/reset" on Chubbies
+    And I go to the destroy user session page
+
+    When I try to authorize Chubbies
+    And there is only one Chubbies
+
+    When I press "Authorize"
+    Then I should be on "/account" on Chubbies
+    And I should see my "profile.birthday"
+    And I should see my "name"
   
   Scenario: Authorize Chubbies should place it on the authorized applications page
     When I try to authorize Chubbies
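Review bot: The added scenario covers only the same application re-registering after `/reset`; nothing checks what the pod does when a different application presents a manifest that also uses the name Chubbies. A companion scenario asserting that such a request is refused, and that the registered client's identifier and secret are unchanged afterwards, would pin down the name-based lookup that this commit introduces. `And there is only one Chubbies` is an assertion sitting under a `When`; `Then there is only one Chubbies` states that intent.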
diff --git a/features/step_definitions/oauth_steps.rb b/features/step_definitions/oauth_steps.rb
index 627b7dd94d..ddbe8acbfb 100644
--- a/features/step_definitions/oauth_steps.rb
+++ b/features/step_definitions/oauth_steps.rb
@@ -8,7 +8,7 @@ end
 
 Given /^Chubbies is registered on my pod$/ do
   manifest = JSON.parse(RestClient.get("localhost:#{Chubbies::PORT}/manifest.json").body)
-  client = OAuth2::Provider.client_class.create_from_manifest!(manifest)
+  client = OAuth2::Provider.client_class.create_or_reset_from_manifest!(manifest)
   params = {:client_id => client.oauth_identifier,
             :client_secret => client.oauth_secret,
             :host => "localhost:9887"}
-- 
GitLab