diff --git a/app/controllers/rs/oauth_controller.rb b/app/controllers/rs/oauth_controller.rb
index 48a5739..2e2933f 100644
--- a/app/controllers/rs/oauth_controller.rb
+++ b/app/controllers/rs/oauth_controller.rb
@@ -87,7 +87,7 @@ class Rs::OauthController < ApplicationController
 permissions: permissions,
 client_id: client_id,
 redirect_uri: redirect_uri,
- app_name: client_id, #TODO use user-defined name
+ app_name: client_id,
 expire_at: expire_at
 )
diff --git a/spec/models/remote_storage_authorization_spec.rb b/spec/models/remote_storage_authorization_spec.rb
index f3514e3..c29308d 100644
--- a/spec/models/remote_storage_authorization_spec.rb
+++ b/spec/models/remote_storage_authorization_spec.rb
@@ -76,102 +76,103 @@ RSpec.describe RemoteStorageAuthorization, type: :model do
 end
 end
- # describe "#find_or_create_web_app" do
- # context "with origin that looks hosted" do
- # before do
- # auth = user.remote_storage_authorizations.create!(
- # permissions: %w(documents photos contacts:rw videos:r tasks/work:r),
- # client_id: "example.com",
- # redirect_uri: "https://example.com",
- # expire_at: 1.month.from_now
- # )
- # end
- #
- # it "generates a web_app" do
- # expect(auth.web_app).to be_a(AppCatalog::WebApp)
- # end
- #
- # it "uses the Web App's name as app name" do
- # expect(auth.app_name).to eq("Example Domain")
- # end
- # end
- #
- # context "when creating two authorizations for the same app" do
- # before do
- # user_2 = create :user
- # ResqueSpec.reset!
- # auth_1 = user.remote_storage_authorizations.create!(
- # permissions: %w(documents photos contacts:rw videos:r tasks/work:r),
- # client_id: "example.com",
- # redirect_uri: "https://example.com",
- # expire_at: 1.month.from_now
- # )
- # auth_2 = user_2.remote_storage_authorizations.create!(
- # permissions: %w(documents photos contacts:rw videos:r tasks/work:r),
- # client_id: "example.com",
- # redirect_uri: "https://example.com",
- # expire_at: 1.month.from_now
- # )
- # end
- #
- # after do
- # auth_1.destroy
- # auth_2.destroy
- # user_2.destroy
- # end
- #
- # it "uses the same web app instance for both authorizations" do
- # expect(auth_1.web_app).to be_a(AppCatalog::WebApp)
- # expect(auth_1.web_app).to eq(auth_2.web_app)
- # end
- # end
- #
- # describe "non-production app origins" do
- # context "when host is not an FQDN" do
- # before do
- # auth = user.remote_storage_authorizations.create!(
- # permissions: %w(recipes),
- # client_id: "localhost:4200",
- # redirect_uri: "http://localhost:4200"
- # )
- # end
- #
- # it "does not create a web app" do
- # expect(auth.web_app).to be_nil
- # expect(auth.app_name).to eq("localhost:4200")
- # end
- # end
- #
- # context "when host is an IP address" do
- # before do
- # auth = user.remote_storage_authorizations.create!(
- # permissions: %w(recipes),
- # client_id: "192.168.0.23:3000",
- # redirect_uri: "http://192.168.0.23:3000"
- # )
- # end
- #
- # it "does not create a web app" do
- # expect(auth.web_app).to be_nil
- # expect(auth.app_name).to eq("192.168.0.23:3000")
- # end
- # end
- #
- # context "when host is an extension URL" do # before do
- # auth = user.remote_storage_authorizations.create!(
- # permissions: %w(bookmarks),
- # client_id: "123.addons.allizom.org",
- # redirect_uri: "123.addons.allizom.org/foo"
- # )
- # end
- #
- # it "does not create a web app" do
- # expect(auth.web_app).to be_nil
- # expect(auth.app_name).to eq("123.addons.allizom.org")
- # end
- # end
- # end
- # end
+ describe "#find_or_create_web_app" do
+ context "with origin that looks hosted" do
+ after(:all) { redis_rs_delete_keys("authorizations:*") }
+
+ let(:auth) do
+ user.remote_storage_authorizations.create!(
+ permissions: %w(documents:rw),
+ client_id: "example.com",
+ redirect_uri: "https://example.com",
+ expire_at: 1.month.from_now
+ )
+ end
+
+ it "generates a web_app" do
+ expect(auth.web_app).to be_a(AppCatalog::WebApp)
+ end
+ end
+
+ context "when creating two authorizations for the same app" do
+ let(:user_2) { create :user, id: 23, cn: "michiel", email: "michiel@example.com" }
+
+ let(:auth_1) do
+ user.remote_storage_authorizations.create!(
+ permissions: %w(documents photos contacts:rw videos:r tasks/work:r),
+ client_id: "example.com",
+ redirect_uri: "https://example.com",
+ expire_at: 1.month.from_now
+ )
+ end
+
+ let(:auth_2) do
+ user_2.remote_storage_authorizations.create!(
+ permissions: %w(documents photos contacts:rw videos:r tasks/work:r),
+ client_id: "example.com",
+ redirect_uri: "https://example.com",
+ expire_at: 1.month.from_now
+ )
+ end
+
+ after do
+ auth_1.destroy
+ auth_2.destroy
+ user_2.destroy
+ end
+
+ it "uses the same web app for both authorizations" do
+ expect(auth_1.web_app).to eq(auth_2.web_app)
+ end
+ end
+
+ describe "non-production app origins" do
+ context "when host is not an FQDN" do
+ let(:auth) do
+ user.remote_storage_authorizations.create!(
+ permissions: %w(recipes),
+ client_id: "localhost:4200",
+ redirect_uri: "http://localhost:4200"
+ )
+ end
+
+ it "does not create a web app" do
+ expect(auth.web_app).to be_nil
+ expect(auth.app_name).to eq("localhost:4200")
+ end
+ end
+
+ context "when host is an IP address" do
+ let(:auth) do
+ user.remote_storage_authorizations.create!(
+ permissions: %w(recipes),
+ client_id: "192.168.0.23:3000",
+ redirect_uri: "http://192.168.0.23:3000"
+ )
+ end
+
+ it "does not create a web app" do
+ expect(auth.web_app).to be_nil
+ expect(auth.app_name).to eq("192.168.0.23:3000")
+ end
+ end
+
+ context "when host is an extension URL" do
+ let(:auth) do
+ user.remote_storage_authorizations.create!(
+ permissions: %w(bookmarks),
+ client_id: "123.addons.allizom.org",
+ redirect_uri: "123.addons.allizom.org/foo"
+ )
+ end
+
+ it "does not create a web app" do
+ expect(auth.web_app).to be_nil
+ expect(auth.app_name).to eq("123.addons.allizom.org")
+ end
+ end
+ end
+ end
 # describe "auth notifications" do
 # context "with auth notifications enabled" do
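Review bot: Only the first context ("with origin that looks hosted") clears stored authorizations, and it does so once with `after(:all)`, while the three "non-production app origins" contexts create records through `let(:auth)` and never remove them. If `create!` writes the `authorizations:*` keys that hook deletes (it looks that way, but the model is not shown in this diff), those examples leave authorization state behind for later specs and make the suite order-dependent. A single per-example hook placed directly under `describe "#find_or_create_web_app"`, `after { redis_rs_delete_keys("authorizations:*") }`, would cover every context. Separately, the old example asserting `auth.app_name` for the hosted origin is dropped without a replacement, so nothing here pins which name a hosted app ends up with, and `create :user, id: 23` hard-codes a primary key that may collide with other fixtures.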