and now legacy-type token is also an instance of Rack::OAuth2::AccessToken::Legacy

nov · nov · commit 5f781492d862 · 2011-04-21T16:28:11.000+09:00
diff --git a/lib/rack/oauth2/access_token.rb b/lib/rack/oauth2/access_token.rb
@@ -22,9 +22,26 @@ def token_response(options = {})
           :scope => Array(scope).join(' ')
         }
       end
+
+      def get(url, headers = {}, &block)
+        RestClient.get url, authenticate(headers), &block
+      end
+
+      def post(url, payload, headers = {}, &block)
+        RestClient.post url, payload, authenticate(headers), &block
+      end
+
+      def put(url, payload, headers = {}, &block)
+        RestClient.put url, payload, authenticate(headers), &block
+      end
+
+      def delete(url, headers = {}, &block)
+        RestClient.delete url, authenticate(headers), &block
+      end
     end
   end
 end
 
 require 'rack/oauth2/access_token/bearer'
-require 'rack/oauth2/access_token/mac'
+require 'rack/oauth2/access_token/mac'
+require 'rack/oauth2/access_token/legacy'
diff --git a/lib/rack/oauth2/access_token/bearer.rb b/lib/rack/oauth2/access_token/bearer.rb
@@ -2,24 +2,7 @@ module Rack
   module OAuth2
     class AccessToken
       class Bearer < AccessToken
-        def get(url, headers = {}, &block)
-          RestClient.get url, authenticate(headers), &block
-        end
-
-        def post(url, payload, headers = {}, &block)
-          RestClient.post url, payload, authenticate(headers), &block
-        end
-
-        def put(url, payload, headers = {}, &block)
-          RestClient.put url, payload, authenticate(headers), &block
-        end
-
-        def delete(url, headers = {}, &block)
-          RestClient.delete url, authenticate(headers), &block
-        end
-
         private
-
         def authenticate(headers)
           headers.merge(:AUTHORIZATION => "Bearer #{access_token}")
         end
diff --git a/lib/rack/oauth2/access_token/legacy.rb b/lib/rack/oauth2/access_token/legacy.rb
@@ -0,0 +1,17 @@
+module Rack
+  module OAuth2
+    class AccessToken
+      class Legacy < AccessToken
+        def initialize(attributes = {})
+          super
+          self.expires_in = self.expires_in.try(:to_i)
+        end
+
+        private
+        def authenticate(headers)
+          headers.merge(:AUTHORIZATION => "OAuth2 #{access_token}")
+        end
+      end
+    end
+  end
+end
diff --git a/lib/rack/oauth2/client.rb b/lib/rack/oauth2/client.rb
@@ -73,12 +73,14 @@ def handle_response
           AccessToken::Bearer.new(token_hash)
         when 'mac'
           AccessToken::MAC.new(token_hash)
+        when nil
+          AccessToken::Legacy.new(token_hash)
         else
-          token_hash
+          raise 'Unknown Token Type'
         end
       rescue JSON::ParserError
         # NOTE: Facebook support (They don't use JSON as token response)
-        Rack::Utils.parse_nested_query(response.body).with_indifferent_access
+        AccessToken::Legacy.new Rack::Utils.parse_nested_query(response.body).with_indifferent_access
       rescue RestClient::Exception => e
         error = JSON.parse(e.http_body).with_indifferent_access
         raise Error.new(e.http_code, error)
diff --git a/spec/fake_response/tokens/legacy_without_expires_in.txt b/spec/fake_response/tokens/legacy_without_expires_in.txt
@@ -0,0 +1 @@
+access_token=access_token
diff --git a/spec/fake_response/tokens/unknown.json b/spec/fake_response/tokens/unknown.json
@@ -0,0 +1,6 @@
+{
+  "access_token":"access_token",
+  "refresh_token":"refresh_token",
+  "token_type":"unknown",
+  "expires_in":3600
+}
diff --git a/spec/rack/oauth2/access_token/legacy_spec.rb b/spec/rack/oauth2/access_token/legacy_spec.rb
@@ -0,0 +1,43 @@
+require 'spec_helper'
+
+describe Rack::OAuth2::AccessToken::Legacy do
+  let :token do
+    Rack::OAuth2::AccessToken::Legacy.new(
+      :access_token => 'access_token'
+    )
+  end
+  let(:resource_endpoint) { 'https://server.example.com/resources/fake' }
+
+  [:get, :delete].each do |method|
+    before do
+      fake_response(method, resource_endpoint, 'resources/fake.txt')
+    end
+
+    describe method.to_s.upcase do
+      it 'should have OAuth2 Authorization header' do
+        RestClient.should_receive(method).with(
+          resource_endpoint,
+          :AUTHORIZATION => 'OAuth2 access_token'
+        )
+        token.send method, resource_endpoint
+      end
+    end
+  end
+
+  [:post, :put].each do |method|
+    before do
+      fake_response(method, resource_endpoint, 'resources/fake.txt')
+    end
+
+    describe method.to_s.upcase do
+      it 'should have OAuth2 Authorization header' do
+        RestClient.should_receive(method).with(
+          resource_endpoint,
+          {:key => :value},
+          {:AUTHORIZATION => 'OAuth2 access_token'}
+        )
+        token.send method, resource_endpoint, {:key => :value}
+      end
+    end
+  end
+end
diff --git a/spec/rack/oauth2/client_spec.rb b/spec/rack/oauth2/client_spec.rb
@@ -106,7 +106,7 @@
       its(:expires_in) { should == 3600 }
     end
 
-    context 'when legacy-style (JSON) token is given' do
+    context 'when no-type token is given (JSON)' do
       before  do
         client.authorization_code = 'code'
         fake_response(
@@ -115,30 +115,49 @@
           'tokens/legacy.json'
         )
       end
-      it { should be_instance_of ActiveSupport::HashWithIndifferentAccess }
-      it do
-        client.access_token!.should == {
-          'access_token' => 'access_token',
-          'refresh_token' => 'refresh_token',
-          'expires_in' => 3600
-        }
-      end
+      it { should be_instance_of Rack::OAuth2::AccessToken::Legacy }
+      its(:token_type) { should == :legacy }
+      its(:access_token) { should == 'access_token' }
+      its(:refresh_token) { should == 'refresh_token' }
+      its(:expires_in) { should == 3600 }
     end
 
-    context 'when legacy-style (key-value) response is given' do
+    context 'when no-type token is given (key-value)' do
       before do
         fake_response(
           :post,
           'https://server.example.com/oauth2/token',
           'tokens/legacy.txt'
         )
       end
-      it { should be_instance_of ActiveSupport::HashWithIndifferentAccess }
+      it { should be_instance_of Rack::OAuth2::AccessToken::Legacy }
+      its(:token_type) { should == :legacy }
+      its(:access_token) { should == 'access_token' }
+      its(:expires_in) { should == 3600 }
+
+      context 'when expires_in is not given' do
+        before do
+          fake_response(
+            :post,
+            'https://server.example.com/oauth2/token',
+            'tokens/legacy_without_expires_in.txt'
+          )
+        end
+        its(:expires_in) { should be_nil }
+      end
+    end
+
+    context 'when unknown-type token is given' do
+      before  do
+        client.authorization_code = 'code'
+        fake_response(
+          :post,
+          'https://server.example.com/oauth2/token',
+          'tokens/unknown.json'
+        )
+      end
       it do
-        client.access_token!.should == {
-          'access_token' => 'access_token',
-          'expires_in' => '3600' # NOTE: String not Integer
-        }
+        expect { client.access_token! }.should raise_error(StandardError, 'Unknown Token Type')
       end
     end
 
