Allow customer URL schemas for OAuth callback URLs

[rails.git] / test / integration / client_applications_test.rb

diff --git a/test/integration/client_applications_test.rb b/test/integration/client_applications_test.rb
new file mode 100644 (file)
index 0000000..2cc15bd
--- /dev/null
+++ b/test/integration/client_applications_test.rb
@@ -0,0 +1,93 @@
+require "test_helper"
+
+class ClientApplicationsTest < ActionDispatch::IntegrationTest
+  fixtures :users, :client_applications
+
+  ##
+  # run through the procedure of creating a client application and checking
+  # that it shows up on the user's account page.
+  def test_create_application
+    get "/login"
+    assert_response :redirect
+    assert_redirected_to "controller" => "user", "action" => "login", "cookie_test" => "true"
+    follow_redirect!
+    assert_response :success
+    post "/login", "username" => "test@example.com", "password" => "test", :referer => "/user/test2"
+    assert_response :redirect
+    follow_redirect!
+    assert_response :success
+    assert_template "user/view"
+    get "/user/test2/account"
+    assert_response :success
+    assert_template "user/account"
+
+    # check that the form to allow new client application creations exists
+    assert_in_heading do
+      assert_select "ul.secondary-actions li a[href='/user/test2/oauth_clients']"
+    end
+
+    # now we follow the link to the oauth client list
+    get "/user/test2/oauth_clients"
+    assert_response :success
+    assert_in_body do
+      assert_select "a[href='/user/test2/oauth_clients/new']"
+    end
+
+    # now we follow the link to the new oauth client page
+    get "/user/test2/oauth_clients/new"
+    assert_response :success
+    assert_in_heading do
+      assert_select "h1", "Register a new application"
+    end
+    assert_in_body do
+      assert_select "form[action='/user/test2/oauth_clients']" do
+        [:name, :url, :callback_url, :support_url].each do |inp|
+          assert_select "input[name=?]", "client_application[#{inp}]"
+        end
+        ClientApplication.all_permissions.each do |perm|
+          assert_select "input[name=?]", "client_application[#{perm}]"
+        end
+      end
+    end
+
+    post "/user/test2/oauth_clients",       "client_application[name]" => "My New App",
+                                            "client_application[url]" => "http://my.new.app.org/",
+                                            "client_application[callback_url]" => "http://my.new.app.org/callback",
+                                            "client_application[support_url]" => "http://my.new.app.org/support"
+    assert_response :redirect
+    follow_redirect!
+    assert_response :success
+    assert_template "oauth_clients/show"
+    assert_equal "Registered the information successfully", flash[:notice]
+
+    # now go back to the account page and check its listed under this user
+    get "/user/test2/oauth_clients"
+    assert_response :success
+    assert_template "oauth_clients/index"
+    assert_in_body { assert_select "div>a", "My New App" }
+  end
+
+  ##
+  # fake client workflow.
+  # this acts like a 3rd party client trying to access the site.
+  def test_3rd_party_token
+    # apparently the oauth gem doesn't really support being used inside integration
+    # tests, as its too tied into the HTTP headers and stuff that it signs.
+  end
+
+  ##
+  # utility method to make the HTML screening easier to read.
+  def assert_in_heading
+    assert_select "div.content-heading" do
+      yield
+    end
+  end
+
+  ##
+  # utility method to make the HTML screening easier to read.
+  def assert_in_body
+    assert_select "div#content" do
+      yield
+    end
+  end
+end