diff --git a/spec/integration/application_spec.rb b/spec/integration/application_spec.rb index 39c6c0d67..2c4e78fd5 100644 --- a/spec/integration/application_spec.rb +++ b/spec/integration/application_spec.rb @@ -10,14 +10,14 @@ describe ApplicationController, type: :request do it "redirects to the new session page on validation fails" do expect_any_instance_of(SessionsController).to receive(:verified_request?).and_return(false) - post "/users/sign_in", user: {remember_me: 0, username: @user.username, password: "evankorth"} + post "/users/sign_in", params: {user: {remember_me: 0, username: @user.username, password: "evankorth"}} expect(response).to redirect_to new_user_session_path expect(flash[:error]).to eq(I18n.t("error_messages.csrf_token_fail")) end it "doesn't redirect to the new session page if the validation succeeded" do expect_any_instance_of(SessionsController).to receive(:verified_request?).and_return(true) - post "/users/sign_in", user: {remember_me: 0, username: @user.username, password: "evankorth"} + post "/users/sign_in", params: {user: {remember_me: 0, username: @user.username, password: "evankorth"}} expect(response).to redirect_to stream_path expect(flash[:error]).to be_blank end @@ -30,7 +30,7 @@ describe ApplicationController, type: :request do it "signs out users if a wrong token was given" do expect_any_instance_of(UsersController).to receive(:verified_request?).and_return(false) - put edit_user_path, user: {language: "en"} + put edit_user_path, params: {user: {language: "en"}} expect(response).to redirect_to new_user_session_path expect(flash[:error]).to eq(I18n.t("error_messages.csrf_token_fail")) end @@ -38,12 +38,12 @@ describe ApplicationController, type: :request do it "sends an email to the current user if the token validation failed" do expect_any_instance_of(UsersController).to receive(:verified_request?).and_return(false) expect(Workers::Mail::CsrfTokenFail).to receive(:perform_async).with(alice.id) - put edit_user_path, user: {language: "en"} + put edit_user_path, params: {user: {language: "en"}} end it "doesn't sign out users if the token was correct" do expect_any_instance_of(UsersController).to receive(:verified_request?).and_return(true) - put edit_user_path, user: {language: "en"} + put edit_user_path, params: {user: {language: "en"}} expect(response).not_to be_redirect expect(flash[:error]).to be_blank end diff --git a/spec/integration/federation/federation_helper.rb b/spec/integration/federation/federation_helper.rb index 3525c95fe..58e95f908 100644 --- a/spec/integration/federation/federation_helper.rb +++ b/spec/integration/federation/federation_helper.rb @@ -61,12 +61,12 @@ def post_message(payload, recipient=nil) if recipient inlined_jobs do headers = {"CONTENT_TYPE" => "application/json"} - post "/receive/users/#{recipient.guid}", payload, headers + post "/receive/users/#{recipient.guid}", params: payload, headers: headers end else inlined_jobs do headers = {"CONTENT_TYPE" => "application/magic-envelope+xml"} - post "/receive/public", payload, headers + post "/receive/public", params: payload, headers: headers end end end diff --git a/spec/integration/mentioning_spec.rb b/spec/integration/mentioning_spec.rb index 94bd5f8cf..41a231d3e 100644 --- a/spec/integration/mentioning_spec.rb +++ b/spec/integration/mentioning_spec.rb @@ -51,7 +51,10 @@ module MentioningSpecHelpers sign_in user1 status_msg = nil inlined_jobs do - post "/status_messages.json", status_message: {text: text_mentioning(mentioned_user)}, aspect_ids: aspects + post "/status_messages.json", params: { + status_message: {text: text_mentioning(mentioned_user)}, + aspect_ids: aspects + } status_msg = StatusMessage.find(JSON.parse(response.body)["id"]) end status_msg diff --git a/spec/integration/mobile_posts_spec.rb b/spec/integration/mobile_posts_spec.rb index 1ffd10a79..1b5e53509 100644 --- a/spec/integration/mobile_posts_spec.rb +++ b/spec/integration/mobile_posts_spec.rb @@ -3,7 +3,7 @@ describe PostsController, type: :request do let(:sm) { FactoryGirl.build(:status_message_with_poll, public: true) } it "displays the poll" do - get "/posts/#{sm.id}", format: :mobile + get "/posts/#{sm.id}", params: {format: :mobile} expect(response.status).to eq(200) expect(response.body).to match(/div class='poll'/) @@ -13,7 +13,7 @@ describe PostsController, type: :request do it "displays the correct percentage for the answers" do alice.participate_in_poll!(sm, sm.poll.poll_answers.first) bob.participate_in_poll!(sm, sm.poll.poll_answers.last) - get "/posts/#{sm.id}", format: :mobile + get "/posts/#{sm.id}", params: {format: :mobile} expect(response.status).to eq(200) expect(response.body).to match(/div class='percentage pull-right'>\n50%/) @@ -24,7 +24,7 @@ describe PostsController, type: :request do let(:sm) { FactoryGirl.build(:status_message_with_location, public: true) } it "displays the location" do - get "/posts/#{sm.id}", format: :mobile + get "/posts/#{sm.id}", params: {format: :mobile} expect(response.status).to eq(200) expect(response.body).to match(/'location nsfw-hidden'/) diff --git a/spec/integration/tag_people_spec.rb b/spec/integration/tag_people_spec.rb index 336b7acf0..22b07d851 100644 --- a/spec/integration/tag_people_spec.rb +++ b/spec/integration/tag_people_spec.rb @@ -1,4 +1,4 @@ -describe TagsController, :type => :request do +describe TagsController, type: :request do describe 'will_paginate people on the tag page' do let(:people) { (1..2).map { FactoryGirl.create(:person) } } let(:tag) { "diaspora" } @@ -17,7 +17,7 @@ describe TagsController, :type => :request do end it 'fetches the second page' do - get "/tags/#{tag}", page: 2 + get "/tags/#{tag}", params: {page: 2} expect(response.status).to eq(200) expect(response.body).to match(/
  • 2<\/a><\/li>/) diff --git a/spec/lib/api/openid_connect/protected_resource_endpoint_spec.rb b/spec/lib/api/openid_connect/protected_resource_endpoint_spec.rb index e93a995ef..fc2f4cb11 100644 --- a/spec/lib/api/openid_connect/protected_resource_endpoint_spec.rb +++ b/spec/lib/api/openid_connect/protected_resource_endpoint_spec.rb @@ -11,7 +11,7 @@ describe Api::OpenidConnect::ProtectedResourceEndpoint, type: :request do context "when valid access token is provided" do before do - get api_openid_connect_user_info_path, access_token: access_token_with_read + get api_openid_connect_user_info_path, params: {access_token: access_token_with_read} end it "includes private in the cache-control header" do @@ -21,7 +21,7 @@ describe Api::OpenidConnect::ProtectedResourceEndpoint, type: :request do context "when access token is expired" do before do - get api_openid_connect_user_info_path, access_token: expired_access_token + get api_openid_connect_user_info_path, params: {access_token: expired_access_token} end it "should respond with a 401 Unauthorized response" do @@ -47,7 +47,7 @@ describe Api::OpenidConnect::ProtectedResourceEndpoint, type: :request do context "when an invalid access token is provided" do before do - get api_openid_connect_user_info_path, access_token: invalid_token + get api_openid_connect_user_info_path, params: {access_token: invalid_token} end it "should respond with a 401 Unauthorized response" do @@ -66,7 +66,7 @@ describe Api::OpenidConnect::ProtectedResourceEndpoint, type: :request do context "when authorization has been destroyed" do before do auth_with_read.destroy - get api_openid_connect_user_info_path, access_token: access_token_with_read + get api_openid_connect_user_info_path, params: {access_token: access_token_with_read} end it "should respond with a 401 Unauthorized response" do diff --git a/spec/lib/api/openid_connect/token_endpoint_spec.rb b/spec/lib/api/openid_connect/token_endpoint_spec.rb index a455f8ffa..85e482ce5 100644 --- a/spec/lib/api/openid_connect/token_endpoint_spec.rb +++ b/spec/lib/api/openid_connect/token_endpoint_spec.rb @@ -19,9 +19,9 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do describe "the authorization code grant type" do context "when the authorization code is valid" do before do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", client_id: client.client_id, client_secret: client.client_secret, - redirect_uri: "http://localhost:3000/", code: code + redirect_uri: "http://localhost:3000/", code: code} end it "should return a valid id token" do @@ -53,26 +53,26 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do it "should not allow code to be reused" do auth.reload - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", client_id: client.client_id, client_secret: client.client_secret, - redirect_uri: "http://localhost:3000/", code: code + redirect_uri: "http://localhost:3000/", code: code} expect(JSON.parse(response.body)["error"]).to eq("invalid_grant") end it "should not allow a nil code" do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", client_id: client.client_id, client_secret: client.client_secret, - redirect_uri: "http://localhost:3000/", code: nil + redirect_uri: "http://localhost:3000/", code: nil} expect(JSON.parse(response.body)["error"]).to eq("invalid_request") end end context "when the authorization code is valid with jwt bearer" do before do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", redirect_uri: "http://localhost:3000/", code: code_with_specific_id, client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", - client_assertion: File.read(valid_client_assertion_path) + client_assertion: File.read(valid_client_assertion_path)} end it "should return a valid id token" do @@ -97,27 +97,27 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do it "should not allow code to be reused" do auth_with_specific_id.reload - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", client_id: client.client_id, client_secret: client.client_secret, - redirect_uri: "http://localhost:3000/", code: code_with_specific_id + redirect_uri: "http://localhost:3000/", code: code_with_specific_id} expect(JSON.parse(response.body)["error"]).to eq("invalid_grant") end end context "when the authorization code is not valid" do it "should return an invalid grant error" do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", - client_id: client.client_id, client_secret: client.client_secret, code: "123456" + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", + client_id: client.client_id, client_secret: client.client_secret, code: "123456"} expect(response.body).to include "invalid_grant" end end context "when the client assertion is in an invalid format" do before do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", redirect_uri: "http://localhost:3000/", code: code_with_specific_id, client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", - client_assertion: "invalid_client_assertion.random" + client_assertion: "invalid_client_assertion.random"} end it "should return an error" do @@ -127,10 +127,10 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do context "when the client assertion is not matching with jwks keys" do before do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", redirect_uri: "http://localhost:3000/", code: code_with_specific_id, client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", - client_assertion: File.read(client_assertion_with_tampered_sig_path) + client_assertion: File.read(client_assertion_with_tampered_sig_path)} end it "should return an error" do @@ -140,10 +140,10 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do context "when kid doesn't exist in jwks keys" do before do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", redirect_uri: "http://localhost:3000/", code: code_with_specific_id, client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", - client_assertion: File.read(client_assertion_with_nonexistent_kid_path) + client_assertion: File.read(client_assertion_with_nonexistent_kid_path)} end it "should return an error" do @@ -153,18 +153,18 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do context "when the client is unregistered" do it "should return an error" do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", code: auth.refresh_token, - client_id: SecureRandom.hex(16).to_s, client_secret: client.client_secret + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", code: auth.refresh_token, + client_id: SecureRandom.hex(16).to_s, client_secret: client.client_secret} expect(response.body).to include "invalid_client" end end context "when the client is unregistered with jwks keys" do before do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", redirect_uri: "http://localhost:3000/", code: code_with_specific_id, client_assertion_type: "urn:ietf:params:oauth:client-assertion-type:jwt-bearer", - client_assertion: File.read(client_assertion_with_nonexistent_client_id_path) + client_assertion: File.read(client_assertion_with_nonexistent_client_id_path)} end it "should return an error" do @@ -174,16 +174,16 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do context "when the code field is missing" do it "should return an invalid request error" do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", - client_id: client.client_id, client_secret: client.client_secret + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", + client_id: client.client_id, client_secret: client.client_secret} expect(response.body).to include "invalid_request" end end context "when the client_secret doesn't match" do it "should return an invalid client error" do - post api_openid_connect_access_tokens_path, grant_type: "authorization_code", code: auth.refresh_token, - client_id: client.client_id, client_secret: "client.client_secret" + post api_openid_connect_access_tokens_path, params: {grant_type: "authorization_code", code: auth.refresh_token, + client_id: client.client_id, client_secret: "client.client_secret"} expect(response.body).to include "invalid_client" end end @@ -191,8 +191,8 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do describe "an unsupported grant type" do it "should return an unsupported grant type error" do - post api_openid_connect_access_tokens_path, grant_type: "noexistgrant", username: "bob", - password: "bluepin7", client_id: client.client_id, client_secret: client.client_secret, scope: "read" + post api_openid_connect_access_tokens_path, params: {grant_type: "noexistgrant", username: "bob", + password: "bluepin7", client_id: client.client_id, client_secret: client.client_secret, scope: "read"} expect(response.body).to include "unsupported_grant_type" end end @@ -200,8 +200,8 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do describe "the refresh token grant type" do context "when the refresh token is valid" do it "should return an access token" do - post api_openid_connect_access_tokens_path, grant_type: "refresh_token", - client_id: client.client_id, client_secret: client.client_secret, refresh_token: auth.refresh_token + post api_openid_connect_access_tokens_path, params: {grant_type: "refresh_token", + client_id: client.client_id, client_secret: client.client_secret, refresh_token: auth.refresh_token} json = JSON.parse(response.body) expect(response.body).to include "expires_in" expect(json["access_token"].length).to eq(64) @@ -211,32 +211,34 @@ describe Api::OpenidConnect::TokenEndpoint, type: :request do context "when the refresh token is not valid" do it "should return an invalid grant error" do - post api_openid_connect_access_tokens_path, grant_type: "refresh_token", - client_id: client.client_id, client_secret: client.client_secret, refresh_token: "123456" + post api_openid_connect_access_tokens_path, params: {grant_type: "refresh_token", + client_id: client.client_id, client_secret: client.client_secret, refresh_token: "123456"} expect(response.body).to include "invalid_grant" end end context "when the client is unregistered" do it "should return an error" do - post api_openid_connect_access_tokens_path, grant_type: "refresh_token", refresh_token: auth.refresh_token, - client_id: SecureRandom.hex(16).to_s, client_secret: client.client_secret + post api_openid_connect_access_tokens_path, params: {grant_type: "refresh_token", + refresh_token: auth.refresh_token, + client_id: SecureRandom.hex(16).to_s, client_secret: client.client_secret} expect(response.body).to include "invalid_client" end end context "when the refresh_token field is missing" do it "should return an invalid request error" do - post api_openid_connect_access_tokens_path, grant_type: "refresh_token", - client_id: client.client_id, client_secret: client.client_secret + post api_openid_connect_access_tokens_path, params: {grant_type: "refresh_token", + client_id: client.client_id, client_secret: client.client_secret} expect(response.body).to include "'refresh_token' required" end end context "when the client_secret doesn't match" do it "should return an invalid client error" do - post api_openid_connect_access_tokens_path, grant_type: "refresh_token", refresh_token: auth.refresh_token, - client_id: client.client_id, client_secret: "client.client_secret" + post api_openid_connect_access_tokens_path, params: {grant_type: "refresh_token", + refresh_token: auth.refresh_token, + client_id: client.client_id, client_secret: "client.client_secret"} expect(response.body).to include "invalid_client" end end