Merge branch 'connect'

2011-08-23 17:16:54 -07:00 · 2011-08-23 17:16:54 -07:00 · 9740af3951
commit 9740af3951
parent eb99b6ba5d bcae8a1952
10 changed files with 141 additions and 25 deletions
--- a/3
+++ b/3
@ -119,6 +119,7 @@ group :test do
  gem 'rspec-instafail', '>= 0.1.7', :require => false
  gem 'fuubar'

-  gem 'diaspora-client', :git => 'git://github.com/diaspora/diaspora-client.git'
+  gem 'diaspora-client', :path => '~/workspace/diaspora-client'
+                         #:git => 'git://github.com/diaspora/diaspora-client.git'

 end
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -29,17 +29,6 @@ GIT
    acts-as-taggable-on (2.0.6)
      rails (>= 3.0)

-GIT
-  remote: git://github.com/diaspora/diaspora-client.git
-  revision: 9dc2c29495c7bf040ceceecdf88800f4c91f870c
-  specs:
-    diaspora-client (0.0.0)
-      activerecord
-      faraday
-      jwt (>= 0.1.3)
-      oauth2
-      sinatra
-
 GIT
  remote: git://github.com/iain/http_accept_language.git
  revision: 0b78aa7849fc90cf9e12586af162fa4c408a795d
@ -63,6 +52,16 @@ GIT
    jwt (0.1.3)
      json (>= 1.2.4)

+PATH
+  remote: ~/workspace/diaspora-client
+  specs:
+    diaspora-client (0.0.0)
+      activerecord
+      faraday
+      jwt (>= 0.1.3)
+      oauth2 (= 0.4.1)
+      sinatra
+
 GEM
  remote: http://rubygems.org/
  specs:
--- a/app/controllers/authorizations_controller.rb
+++ b/app/controllers/authorizations_controller.rb
@ -9,9 +9,30 @@ class AuthorizationsController < ApplicationController
  skip_before_filter :verify_authenticity_token, :only => :token

  def new
-    @requested_scopes = params["scope"].split(',')
-    @client = oauth2_authorization_request.client
-    #render :layout => "popup" if params[:popup]
+    if params[:uid].present? && params[:uid] != current_user.username
+      sign_out current_user
+      redirect_to url_with_prefilled_session_form
+    else
+      @requested_scopes = params["scope"].split(',')
+      @client = oauth2_authorization_request.client
+
+      if authorization = current_user.authorizations.where(:client_id => @client.id).first
+        ac = authorization.authorization_codes.create(:redirect_uri => params[:redirect_uri])
+        redirect_to "#{params[:redirect_uri]}&code=#{ac.code}"
+      end
+    end
+  end
+
+  # When diaspora detects that a user is trying to authorize to an application
+  # as someone other than the logged in user, we want to log out current_user,
+  # and prefill the session form with the user that is trying to authorize
+  def url_with_prefilled_session_form
+    redirect_url = Addressable::URI.parse(request.url)
+    query_values = redirect_url.query_values
+    query_values.delete("uid")
+    query_values.merge!("username" => params[:uid])
+    redirect_url.query_values = query_values
+    redirect_url.to_s
  end

  def create
--- a/app/helpers/sessions_helper.rb
+++ b/app/helpers/sessions_helper.rb
@ -0,0 +1,10 @@
+module SessionsHelper
+  def prefilled_username
+    uri = Addressable::URI.parse(session['user_return_to'])
+    if uri && uri.query_values
+      uri.query_values["username"]
+    else
+      nil
+    end
+  end
+end
--- a/app/views/sessions/new.haml
+++ b/app/views/sessions/new.haml
@ -26,7 +26,7 @@

      %p
        = f.label :username , t('username')
-        = f.text_field :username, :tabindex => 1
+        = f.text_field :username, :tabindex => 1, :value => prefilled_username
      %br

      %p
--- a/features/oauth.feature
+++ b/features/oauth.feature
@ -16,12 +16,30 @@ Feature: oauth
    And I should see my "profile.birthday"
    And I should see my "name"

+  Scenario: Signup+login (Diaspora Connect) with Chubbies
+    When I visit "/reset" on Chubbies
+    And I should have 0 user on Chubbies
+    And I try to authorize Chubbies
+    And I press "Authorize"
+    Then I should be on "/account" on Chubbies
+
+    And I should have 1 user on Chubbies
+
+  Scenario: Signing up as a user while someone else is logged into Diaspora
+    Given a user with username "alice"
+    When I sign in as "alice@alice.alice"
+    Then I visit "/new" on Chubbies
+    And I fill in "Diaspora ID" with "bob@localhost:9887"
+    And I press "Connect to Diaspora"
+    Then I should be on the new user session page
+    And the "Username" field within "#user_new" should contain "bob"
+  
  Scenario: Not authorize Chubbies
    When I try to authorize Chubbies

    When I press "No"
    Then I should be on "/account" on Chubbies
-    Then I should see "No access token."
+    And I should have 0 user on Chubbies

  Scenario: Authorize Chubbies when Chubbies is already connected
    Given Chubbies is registered on my pod
@ -77,3 +95,21 @@ Feature: oauth
    Then I should be on "/account" on Chubbies
    And I should see my "profile.birthday"
    And I should see my "name"
+
+  Scenario: Login in with Chubbies when you already authorized it
+    Given Chubbies is registered on my pod
+    And I should have 0 user on Chubbies
+
+    When I try to authorize Chubbies
+    When I press "Authorize"
+    Then I should be on "/account" on Chubbies
+
+    And I should have 1 user on Chubbies
+    Then I visit "/new" on Chubbies
+    And I fill in my Diaspora ID to connect
+    And I press "Connect to Diaspora"
+
+    Then I should be on "/account" on Chubbies
+    And I should have 1 user on Chubbies
+
+
--- a/features/step_definitions/oauth_steps.rb
+++ b/features/step_definitions/oauth_steps.rb
@ -35,7 +35,7 @@ When /^I try to authorize Chubbies$/ do
  # as we are clearing the Diaspora DB every scenario
  Then 'I visit "/new" on Chubbies'
  ###
-  And "I fill in \"Diaspora Handle\" with \"#{@me.diaspora_handle}\""
+  And "I fill in my Diaspora ID to connect"
  And 'I press "Connect to Diaspora"'
  Then 'I should be on the new user session page'
  And "I fill in \"Username\" with \"#{@me.username}\""
@ -46,8 +46,16 @@ When /^I try to authorize Chubbies$/ do
  And 'I should see "The best way to chub."'
 end

-When /^I visit "([^"]+)" on Chubbies$/ do |path|
+And /^I fill in my Diaspora ID to connect$/ do
+  And "I fill in \"Diaspora ID\" with \"#{@me.diaspora_handle}\""
+end

+And /^I should have (\d) user on Chubbies$/ do |num|
+  When "I visit \"/user_count\" on Chubbies"
+  Then "I should see \"#{num}\""
+end
+
+When /^I visit "([^"]+)" on Chubbies$/ do |path|
  former_host = Capybara.app_host
  Capybara.app_host = "localhost:#{Chubbies::PORT}"
  visit(path)
--- a/spec/chubbies/app.rb
+++ b/spec/chubbies/app.rb
@ -31,6 +31,7 @@ module Chubbies
      end
      add_index :access_tokens, :user_id, :unique => true
      create_table :users do |t|
+        t.string :username, :limit => 127
        t.timestamps
      end
    end
@ -50,7 +51,7 @@ module Chubbies

    d.manifest_field(:name, "Chubbies")
    d.manifest_field(:description, "The best way to chub.")
-    d.manifest_field(:icon_url, "#")
+    d.manifest_field(:icon_url, "chubbies.jpeg")

    d.manifest_field(:permissions_overview, "Chubbi.es wants to post photos to your stream.")

@ -60,7 +61,11 @@ module Chubbies

  class App < DiasporaClient::App
    def current_user
-      User.first
+      @user = User.first
+    end
+
+    def current_user= user
+      @user = user
    end

    def redirect_path
@ -71,6 +76,11 @@ module Chubbies
      '/account?id=1'
    end

+    def create_account(hash)
+      hash[:username] = hash.delete(:diaspora_id)
+      User.create(hash)
+    end
+
    get '/account' do
      if params['id'] && user = User.where(:id => params['id']).first
        if user.access_token
@ -89,7 +99,6 @@ module Chubbies
    end

    get '/new' do
-      @user = User.create
      haml :home
    end

@ -104,5 +113,9 @@ module Chubbies
    post '/register' do
      DiasporaClient::ResourceServer.create!(params)
    end
+
+    get '/user_count' do
+      User.count.to_s
+    end
  end
 end
--- a/spec/chubbies/views/home.haml
+++ b/spec/chubbies/views/home.haml
@ -2,7 +2,7 @@
  %head
  %body
    %form{:action => '/', :id => 'login', :method => 'get'}
-      %label{:for => 'diaspora_handle'}
-        Diaspora Handle
-      %input{:type=>'text', :id => 'diaspora_handle', :name => 'diaspora_handle'}
+      %label{:for => 'diaspora_id'}
+        Diaspora ID
+      %input{:type=>'text', :id => 'diaspora_id', :name => 'diaspora_id'}
      %input{:type => 'submit', :value => "Connect to Diaspora" }
--- a/spec/controllers/authorizations_controller_spec.rb
+++ b/spec/controllers/authorizations_controller_spec.rb
@ -31,6 +31,34 @@ describe AuthorizationsController do
      }
  end

+  describe '#new' do
+    before do
+      @app = Factory.create(:app, :name => "Authorized App")
+      @params = {
+        :scope => "profile",
+        :redirect_uri => @manifest['application_base_url'] << '/callback',
+        :client_id => @app.oauth_identifier,
+        :uid => alice.username
+      }
+    end
+    it 'succeeds' do
+      get :new, @params
+      response.should be_success
+    end
+
+    it 'logs out the signed in user if a different username is passed' do
+      @params[:uid] = bob.username
+      get :new, @params
+      response.location.should include(oauth_authorize_path)
+    end
+
+    it 'it succeeds if no uid is passed' do
+      @params[:uid] = nil
+      get :new, @params
+      response.should be_success
+    end
+  end
+
  describe '#token' do
    before do
      packaged_manifest = {:public_key => @public_key.export, :jwt => JWT.encode(@manifest, @private_key, "RS256")}.to_json