From 5231b9e484efdb178a078a8b842d42521990e9e8 Mon Sep 17 00:00:00 2001 From: "Peter H. Boling" Date: Thu, 15 May 2025 07:52:58 +0700 Subject: [PATCH 1/5] =?UTF-8?q?=E2=9C=A8=20silence=5Fno=5Ftokens=5Fwarning?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/oauth2.rb | 1 + lib/oauth2/access_token.rb | 39 +++++++++++++++---------- spec/oauth2/access_token_spec.rb | 49 ++++++++++++++++++++++++++++++++ spec/oauth2_spec.rb | 7 +++++ 4 files changed, 81 insertions(+), 15 deletions(-) diff --git a/lib/oauth2.rb b/lib/oauth2.rb index ec88b462..368e83ea 100644 --- a/lib/oauth2.rb +++ b/lib/oauth2.rb @@ -28,6 +28,7 @@ module OAuth2 OAUTH_DEBUG = ENV.fetch("OAUTH_DEBUG", "false").casecmp("true").zero? DEFAULT_CONFIG = SnakyHash::SymbolKeyed.new( silence_extra_tokens_warning: true, + silence_no_tokens_warning: true, ) @config = DEFAULT_CONFIG.dup class << self diff --git a/lib/oauth2/access_token.rb b/lib/oauth2/access_token.rb index 5cdd789b..b3342281 100644 --- a/lib/oauth2/access_token.rb +++ b/lib/oauth2/access_token.rb @@ -31,6 +31,8 @@ class << self # 'access_token', 'id_token', 'token' (or their symbolic versions) # @note If multiple token keys are present, a warning will be issued unless # OAuth2.config.silence_extra_tokens_warning is true + # @note If no token keys are present, a warning will be issued unless + # OAuth2.config.silence_no_tokens_warning is true # @note For "soon-to-expire"/"clock-skew" functionality see the `:expires_latency` option. # @mote If snaky key conversion is being used, token_name needs to match the converted key. # @@ -40,21 +42,17 @@ class << self def from_hash(client, hash) fresh = hash.dup # If token_name is present, then use that key name - if fresh.key?(:token_name) - key = fresh[:token_name] - if key.nil? || !fresh.key?(key) - warn(%[ -OAuth2::AccessToken#from_hash key mismatch. -Custom token_name (#{key}) does match any keys (#{fresh.keys}) -You may need to set `snaky: false`. See inline documentation for more info. - ]) + key = + if fresh.key?(:token_name) + no_tokens_warning(fresh, key) + fresh[:token_name] + else + # Otherwise, if one of the supported default keys is present, use whichever has precedence + supported_keys = TOKEN_KEY_LOOKUP & fresh.keys + t_key = supported_keys[0] + extra_tokens_warning(supported_keys, t_key) + t_key end - else - # Otherwise, if one of the supported default keys is present, use whichever has precedence - supported_keys = TOKEN_KEY_LOOKUP & fresh.keys - key = supported_keys[0] - extra_tokens_warning(supported_keys, key) - end token = fresh.delete(key) || "" new(client, token, fresh) end @@ -77,6 +75,17 @@ def extra_tokens_warning(supported_keys, key) warn("OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key (#{supported_keys}); using #{key.inspect}.") end + + def no_tokens_warning(hash, key) + return if OAuth2.config.silence_no_tokens_warning + return if key && hash.key?(key) + + warn(%[ +OAuth2::AccessToken#from_hash key mismatch. +Custom token_name (#{key}) is not found in (#{hash.keys}) +You may need to set `snaky: false`. See inline documentation for more info. + ]) + end end # Initialize an AccessToken @@ -117,7 +126,7 @@ def initialize(client, token, opts = {}) if @client.options[:raise_errors] error = Error.new(opts) raise(error) - else + elsif !OAuth2.config.silence_no_tokens_warning warn("OAuth2::AccessToken has no token") end end diff --git a/spec/oauth2/access_token_spec.rb b/spec/oauth2/access_token_spec.rb index f5233898..714cacb0 100644 --- a/spec/oauth2/access_token_spec.rb +++ b/spec/oauth2/access_token_spec.rb @@ -121,6 +121,37 @@ expect(printed).to eq(msg) end end + + context "with no token keys" do + subject(:printed) do + capture(:stderr) do + target + end + end + + before do + @original_sntw = OAuth2.config.silence_no_tokens_warning + OAuth2.config.silence_no_tokens_warning = false + end + + after do + OAuth2.config.silence_no_tokens_warning = @original_sntw + end + + let(:hash) do + { + blather: "confusing bug here", + rather: token, + } + end + + it "warns on STDERR and selects the correct key" do + msg = <<-MSG.lstrip + OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key ([:access_token, :id_token]); using :access_token. + MSG + block_is_expected.to raise_error(OAuth2::Error) + end + end end describe "#initialize" do @@ -314,6 +345,15 @@ def assert_initialized_token(target) end end + before do + @original_sntw = OAuth2.config.silence_no_tokens_warning + OAuth2.config.silence_no_tokens_warning = false + end + + after do + OAuth2.config.silence_no_tokens_warning = @original_sntw + end + it "warns on STDERR" do msg = <<-MSG.lstrip OAuth2::AccessToken has no token @@ -343,6 +383,15 @@ def assert_initialized_token(target) context "when there is nil token" do let(:token) { nil } + before do + @original_sntw = OAuth2.config.silence_no_tokens_warning + OAuth2.config.silence_no_tokens_warning = false + end + + after do + OAuth2.config.silence_no_tokens_warning = @original_sntw + end + context "when there is no refresh_token" do it "does not raise on initialize" do block_is_expected.not_to raise_error diff --git a/spec/oauth2_spec.rb b/spec/oauth2_spec.rb index 09240997..c8aee983 100644 --- a/spec/oauth2_spec.rb +++ b/spec/oauth2_spec.rb @@ -9,23 +9,30 @@ subject(:configure) do described_class.configure do |config| config.silence_extra_tokens_warning = true + config.silence_no_tokens_warning = true end end before do described_class.configure do |config| config.silence_extra_tokens_warning = false + config.silence_no_tokens_warning = false end end after do described_class.configure do |config| config.silence_extra_tokens_warning = false + config.silence_no_tokens_warning = false end end it "can change setting of silence_extra_tokens_warning" do block_is_expected.to change(described_class.config, :silence_extra_tokens_warning).from(false).to(true) end + + it "can change setting of silence_no_tokens_warning" do + block_is_expected.to change(described_class.config, :silence_no_tokens_warning).from(false).to(true) + end end end From 37aebbd3a21102d19a2ff3205475658942570ee9 Mon Sep 17 00:00:00 2001 From: "Peter H. Boling" Date: Thu, 15 May 2025 08:15:21 +0700 Subject: [PATCH 2/5] =?UTF-8?q?=E2=9C=A8=20silence=5Fno=5Ftokens=5Fwarning?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- spec/oauth2/access_token_spec.rb | 56 +++++++++++++++++++++++++------- spec/oauth2_spec.rb | 4 +-- 2 files changed, 47 insertions(+), 13 deletions(-) diff --git a/spec/oauth2/access_token_spec.rb b/spec/oauth2/access_token_spec.rb index 714cacb0..8d9c0f5b 100644 --- a/spec/oauth2/access_token_spec.rb +++ b/spec/oauth2/access_token_spec.rb @@ -66,25 +66,49 @@ expect(printed).to eq(msg) end - context "when silenced" do + context "when one token" do subject(:printed) do capture(:stderr) do target end end + let(:hash) do + { + access_token: token, + } + end + before do - OAuth2.configure do |config| - config.silence_extra_tokens_warning = true - end + @original_setw = OAuth2.config.silence_extra_tokens_warning + OAuth2.config.silence_extra_tokens_warning = false end after do - OAuth2.configure do |config| - config.silence_extra_tokens_warning = false + OAuth2.config.silence_extra_tokens_warning = @original_setw + end + + it "does not warn on STDERR" do + expect(printed).to eq("") + end + end + + context "when silenced" do + subject(:printed) do + capture(:stderr) do + target end end + before do + @original_setw = OAuth2.config.silence_extra_tokens_warning + OAuth2.config.silence_extra_tokens_warning = true + end + + after do + OAuth2.config.silence_extra_tokens_warning = @original_setw + end + it "does not warn on STDERR" do expect(printed).to eq("") end @@ -122,7 +146,7 @@ end end - context "with no token keys" do + context "with warning for no token keys" do subject(:printed) do capture(:stderr) do target @@ -138,6 +162,8 @@ OAuth2.config.silence_no_tokens_warning = @original_sntw end + let(:options) { {raise_errors: true} } + let(:hash) do { blather: "confusing bug here", @@ -145,12 +171,20 @@ } end - it "warns on STDERR and selects the correct key" do - msg = <<-MSG.lstrip - OAuth2::AccessToken.from_hash: `hash` contained more than one 'token' key ([:access_token, :id_token]); using :access_token. - MSG + it "raises an error" do block_is_expected.to raise_error(OAuth2::Error) end + + context "when not raising errors" do + let(:options) { {raise_errors: false} } + + it "warns on STDERR and selects the correct key" do + msg = <<-MSG.lstrip + OAuth2::AccessToken has no token + MSG + expect(printed).to eq(msg) + end + end end end diff --git a/spec/oauth2_spec.rb b/spec/oauth2_spec.rb index c8aee983..8271c9b3 100644 --- a/spec/oauth2_spec.rb +++ b/spec/oauth2_spec.rb @@ -1,8 +1,8 @@ # frozen_string_literal: true RSpec.describe OAuth2 do - it "silence_extra_tokens_warning default is opposite of OAUTH_DEBUG" do - expect(described_class.config.silence_extra_tokens_warning).to be(true) + it "silence_extra_tokens_warning is a boolean" do + expect(described_class.config.silence_extra_tokens_warning).to be(true).or be(false) end describe ".configure" do From 18e01d7b17f2262f66a68be52455fbc41a6f304a Mon Sep 17 00:00:00 2001 From: "Peter H. Boling" Date: Thu, 15 May 2025 22:58:14 +0700 Subject: [PATCH 3/5] =?UTF-8?q?=E2=9C=85=20100%=20test=20coverage?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- lib/oauth2/access_token.rb | 5 +- spec/oauth2/access_token_spec.rb | 26 ++++++- spec/oauth2/client_spec.rb | 112 +++++++++++-------------------- 3 files changed, 66 insertions(+), 77 deletions(-) diff --git a/lib/oauth2/access_token.rb b/lib/oauth2/access_token.rb index b3342281..658971e5 100644 --- a/lib/oauth2/access_token.rb +++ b/lib/oauth2/access_token.rb @@ -44,8 +44,9 @@ def from_hash(client, hash) # If token_name is present, then use that key name key = if fresh.key?(:token_name) - no_tokens_warning(fresh, key) - fresh[:token_name] + t_key = fresh[:token_name] + no_tokens_warning(fresh, t_key) + t_key else # Otherwise, if one of the supported default keys is present, use whichever has precedence supported_keys = TOKEN_KEY_LOOKUP & fresh.keys diff --git a/spec/oauth2/access_token_spec.rb b/spec/oauth2/access_token_spec.rb index 8d9c0f5b..2fbd9c08 100644 --- a/spec/oauth2/access_token_spec.rb +++ b/spec/oauth2/access_token_spec.rb @@ -178,12 +178,36 @@ context "when not raising errors" do let(:options) { {raise_errors: false} } - it "warns on STDERR and selects the correct key" do + it "warns on STDERR" do msg = <<-MSG.lstrip OAuth2::AccessToken has no token MSG expect(printed).to eq(msg) end + + context "when custom token_name" do + let(:options) { {raise_errors: false} } + + let(:hash) do + { + "lollipop" => token, + expires_at: Time.now.to_i + 200, + foo: "bar", + header_format: "Bearer %", + mode: :header, + param_name: "lollipop", + token_name: "lollipop", + } + end + + it "finds token" do + expect(target.token).to eq("monkey") + end + + it "does not warn when token is found" do + expect(printed).to eq("") + end + end end end end diff --git a/spec/oauth2/client_spec.rb b/spec/oauth2/client_spec.rb index 59d6a71b..f683e498 100644 --- a/spec/oauth2/client_spec.rb +++ b/spec/oauth2/client_spec.rb @@ -505,10 +505,8 @@ it "body is a standard hash" do expect(response_body).to be_a(Hash) - end - - it "body is not a SnakyHash" do - expect(response_body).not_to be_a(SnakyHash) + expect(response_body).not_to be_a(SnakyHash::StringKeyed) + expect(response_body).not_to be_a(SnakyHash::SymbolKeyed) end end end @@ -582,7 +580,7 @@ context "when snaky" do subject(:token) do - client = stubbed_client do |stub| + client = stubbed_client(options) do |stub| stub.post("/oauth/token") do [200, {"Content-Type" => "application/json"}, response_body] end @@ -591,6 +589,7 @@ client.get_token(params, access_token_opts) end + let(:options) { {raise_errors: false} } let(:access_token_opts) { {} } let(:response_body) { JSON.dump("access_token" => "the-token") } @@ -609,12 +608,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end end @@ -631,12 +626,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end context "with alternate token named" do @@ -647,12 +638,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end it "returns a snake-cased key" do @@ -673,12 +660,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end it "returns a configured AccessToken" do @@ -701,15 +684,11 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) - end - - context "with alternate token named" do + context "with alternate token name" do let(:access_token_opts) { {token_name: "bananaFace"} } let(:response_body) { JSON.dump("bananaFace" => "the-token") } @@ -717,12 +696,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end it "returns a snake-cased key" do @@ -746,12 +721,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end it "returns a snake-cased key" do @@ -768,12 +739,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end it "returns a snake-cased key" do @@ -795,12 +762,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end end end @@ -811,8 +774,17 @@ context "with token_name" do let(:access_token_opts) { {token_name: "accessToken"} } - it "raises an Error because snaky has renamed the key" do - block_is_expected.to raise_error(OAuth2::Error) + it "parsed is a Hash, but no token since snaky changed key" do + expect(token).to be_a OAuth2::AccessToken + expect(token.token).to eq("") + expect(token.response.parsed).to be_a(Hash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) + end + + it "returns a snake-cased key" do + expect(token).to be_a OAuth2::AccessToken + expect(token.response.parsed.to_h).to eq("access_token" => "the-token") end context "with alternate snaky token named" do @@ -823,12 +795,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end it "returns a snake-cased key" do @@ -844,12 +812,8 @@ expect(token).to be_a OAuth2::AccessToken expect(token.token).to eq("the-token") expect(token.response.parsed).to be_a(Hash) - end - - it "parsed is not a SnakyHash" do - expect(token).to be_a OAuth2::AccessToken - expect(token.token).to eq("the-token") - expect(token.response.parsed).not_to be_a(SnakyHash) + expect(token.response.parsed).not_to be_a(SnakyHash::StringKeyed) + expect(token.response.parsed).not_to be_a(SnakyHash::SymbolKeyed) end it "returns a snake-cased key" do From a62de004f0677a279f9f9752efbca21200277b89 Mon Sep 17 00:00:00 2001 From: "Peter H. Boling" Date: Thu, 15 May 2025 23:11:46 +0700 Subject: [PATCH 4/5] =?UTF-8?q?=E2=9C=85=20100%=20branch=20coverage?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .rubocop_gradual.lock | 46 +++++++++++--------- spec/oauth2/access_token_spec.rb | 75 +++++++++++++++++++++++++++++--- 2 files changed, 93 insertions(+), 28 deletions(-) diff --git a/.rubocop_gradual.lock b/.rubocop_gradual.lock index dfb5f80e..408ea1dc 100644 --- a/.rubocop_gradual.lock +++ b/.rubocop_gradual.lock @@ -3,9 +3,13 @@ [66, 5, 20, "ThreadSafety/ClassInstanceVariable: Avoid class instance variables.", 2485198147], [78, 5, 74, "Style/InvertibleUnlessCondition: Prefer `if Gem.rubygems_version >= Gem::Version.new(\"2.7.0\")` over `unless Gem.rubygems_version < Gem::Version.new(\"2.7.0\")`.", 2453573257] ], - "lib/oauth2.rb:3563577000": [ - [34, 5, 21, "ThreadSafety/ClassAndModuleAttributes: Avoid mutating class and module attributes.", 622027168], - [37, 11, 7, "ThreadSafety/ClassInstanceVariable: Avoid class instance variables.", 651502127] + "lib/oauth2.rb:1956148869": [ + [35, 5, 21, "ThreadSafety/ClassAndModuleAttributes: Avoid mutating class and module attributes.", 622027168], + [38, 11, 7, "ThreadSafety/ClassInstanceVariable: Avoid class instance variables.", 651502127] + ], + "lib/oauth2/access_token.rb:2233632404": [ + [49, 13, 5, "Style/IdenticalConditionalBranches: Move `t_key` out of the conditional.", 183811513], + [55, 13, 5, "Style/IdenticalConditionalBranches: Move `t_key` out of the conditional.", 183811513] ], "lib/oauth2/authenticator.rb:3711266135": [ [42, 5, 113, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 734523108] @@ -28,11 +32,11 @@ [130, 3, 52, "Gemspec/DependencyVersion: Dependency version specification is required.", 3163430777], [131, 3, 48, "Gemspec/DependencyVersion: Dependency version specification is required.", 425065368] ], - "spec/oauth2/access_token_spec.rb:2406469319": [ + "spec/oauth2/access_token_spec.rb:3473606468": [ [3, 1, 34, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/access_token*_spec.rb`.", 1972107547], - [612, 13, 25, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 770233088], - [682, 9, 101, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3022740639], - [686, 9, 79, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 2507338967] + [780, 13, 25, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 770233088], + [850, 9, 101, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3022740639], + [854, 9, 79, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 2507338967] ], "spec/oauth2/authenticator_spec.rb:853320290": [ [3, 1, 36, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/authenticator*_spec.rb`.", 819808017], @@ -41,7 +45,7 @@ [69, 15, 38, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1480816240], [79, 13, 23, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 2314399065] ], - "spec/oauth2/client_spec.rb:623759711": [ + "spec/oauth2/client_spec.rb:2085440011": [ [6, 1, 29, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/client*_spec.rb`.", 439549885], [174, 7, 492, "RSpec/NoExpectationExample: No expectation found in this example.", 1272021224], [193, 7, 592, "RSpec/NoExpectationExample: No expectation found in this example.", 3428877205], @@ -49,18 +53,18 @@ [221, 15, 20, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1276531672], [236, 15, 43, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1383956904], [251, 15, 43, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 3376202107], - [865, 5, 360, "RSpec/NoExpectationExample: No expectation found in this example.", 536201463], - [874, 5, 461, "RSpec/NoExpectationExample: No expectation found in this example.", 3392600621], - [885, 5, 340, "RSpec/NoExpectationExample: No expectation found in this example.", 244592251], - [930, 63, 2, "RSpec/BeEq: Prefer `be` over `eq`.", 5860785], - [975, 11, 99, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3084776886], - [979, 11, 82, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 1524553529], - [987, 7, 89, "RSpec/NoExpectationExample: No expectation found in this example.", 4609419], - [1075, 11, 99, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3084776886], - [1079, 11, 82, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 1524553529], - [1159, 17, 12, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 664794325], - [1184, 5, 459, "RSpec/NoExpectationExample: No expectation found in this example.", 2216851076], - [1194, 7, 450, "RSpec/NoExpectationExample: No expectation found in this example.", 2619808549] + [829, 5, 360, "RSpec/NoExpectationExample: No expectation found in this example.", 536201463], + [838, 5, 461, "RSpec/NoExpectationExample: No expectation found in this example.", 3392600621], + [849, 5, 340, "RSpec/NoExpectationExample: No expectation found in this example.", 244592251], + [894, 63, 2, "RSpec/BeEq: Prefer `be` over `eq`.", 5860785], + [939, 11, 99, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3084776886], + [943, 11, 82, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 1524553529], + [951, 7, 89, "RSpec/NoExpectationExample: No expectation found in this example.", 4609419], + [1039, 11, 99, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 3084776886], + [1043, 11, 82, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 1524553529], + [1123, 17, 12, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 664794325], + [1148, 5, 459, "RSpec/NoExpectationExample: No expectation found in this example.", 2216851076], + [1158, 7, 450, "RSpec/NoExpectationExample: No expectation found in this example.", 2619808549] ], "spec/oauth2/error_spec.rb:1209122273": [ [23, 1, 28, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/error*_spec.rb`.", 3385870076], @@ -97,7 +101,7 @@ "spec/oauth2/version_spec.rb:1001406821": [ [3, 1, 30, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2/version*_spec.rb`.", 1099517182] ], - "spec/oauth2_spec.rb:2292862590": [ + "spec/oauth2_spec.rb:4211477230": [ [3, 1, 21, "RSpec/SpecFilePathFormat: Spec path should end with `o_auth2*_spec.rb`.", 3359091140] ] } diff --git a/spec/oauth2/access_token_spec.rb b/spec/oauth2/access_token_spec.rb index 2fbd9c08..59a44fb0 100644 --- a/spec/oauth2/access_token_spec.rb +++ b/spec/oauth2/access_token_spec.rb @@ -185,18 +185,18 @@ expect(printed).to eq(msg) end - context "when custom token_name" do + context "when custom token_name valid" do let(:options) { {raise_errors: false} } let(:hash) do { "lollipop" => token, - expires_at: Time.now.to_i + 200, - foo: "bar", - header_format: "Bearer %", - mode: :header, - param_name: "lollipop", - token_name: "lollipop", + :expires_at => Time.now.to_i + 200, + :foo => "bar", + :header_format => "Bearer %", + :mode => :header, + :param_name => "lollipop", + :token_name => "lollipop", } end @@ -208,6 +208,67 @@ expect(printed).to eq("") end end + + context "when custom token_name invalid" do + let(:options) { {raise_errors: false} } + + let(:hash) do + { + "babyshark" => token, + :expires_at => Time.now.to_i + 200, + :foo => "bar", + :header_format => "Bearer %", + :mode => :header, + :param_name => "lollipop", + :token_name => "lollipop", + } + end + + context "when silence_no_tokens_warning is false" do + before do + @original_sntw = OAuth2.config.silence_no_tokens_warning + OAuth2.config.silence_no_tokens_warning = false + end + + after do + OAuth2.config.silence_no_tokens_warning = @original_sntw + end + + it "finds no token" do + expect(target.token).to eq("") + end + + it "warns when no token is found" do + expect(printed.each_line.to_a).to eq([ + "\n", + "OAuth2::AccessToken#from_hash key mismatch.\n", + %{Custom token_name (lollipop) is not found in (["babyshark", :expires_at, :foo, :header_format, :mode, :param_name, :token_name])\n}, + "You may need to set `snaky: false`. See inline documentation for more info.\n", + " \n", + "OAuth2::AccessToken has no token\n", + ]) + end + end + + context "when silence_no_tokens_warning is true" do + before do + @original_sntw = OAuth2.config.silence_no_tokens_warning + OAuth2.config.silence_no_tokens_warning = true + end + + after do + OAuth2.config.silence_no_tokens_warning = @original_sntw + end + + it "finds no token" do + expect(target.token).to eq("") + end + + it "does not warn when no token is found" do + expect(printed.each_line.to_a).to eq([]) + end + end + end end end end From 5e5afbe96717d33d8ab84bbf6986b1b50e924134 Mon Sep 17 00:00:00 2001 From: "Peter H. Boling" Date: Thu, 15 May 2025 23:17:58 +0700 Subject: [PATCH 5/5] =?UTF-8?q?=F0=9F=93=9D=20Documentation:=20CHANGELOG.m?= =?UTF-8?q?d?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CHANGELOG.md | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1ca76b1a..d883f69e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,19 +10,22 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2. ### Fixed ### Removed -## [2.0.10] - 2025-05-12 ([tag][2.0.10t]) +## [2.0.10] - 2025-05-XX ([tag][2.0.10t]) ### Added - [!635](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/635) - `.gitlab-ci.yml` file (@jessieay) -- [!643](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/643) - Add token_name option (@pboling) - - Specify the parameter name that identifies the access token -- [!642](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/642) - 20 year certificate for signing gem releases, expires 2045-04-29 (@pboling) - - Gemspec metadata (@pboling) - - funding_uri - - news_uri - - mailing_list_uri - - SHA256 and SHA512 Checksums for release (@pboling) - [#638](https://gitlab.com/oauth-xx/oauth2/-/issues/638) - Documentation of support for ILO Fundamental Principles of Rights at Work +- [!642](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/642) - 20 year certificate for signing gem releases, expires 2045-04-29 (@pboling) + - Gemspec metadata (@pboling) + - funding_uri + - news_uri + - mailing_list_uri + - SHA256 and SHA512 Checksums for release (@pboling) +- [!643](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/643) - Add `token_name` option (@pboling) + - Specify the parameter name that identifies the access token +- [!645](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/645) - Add `OAuth2::OAUTH_DEBUG` constant, based on `ENV["OAUTH_DEBUG"] (@pboling) +- [!646](https://gitlab.com/oauth-xx/oauth2/-/merge_requests/646) - Add `OAuth2.config.silence_extra_tokens_warning`, default: false (@pboling) ### Changed +- Default value of `OAuth2.config.silence_extra_tokens_warning` was `false`, now `true` - Gem releases are now cryptographically signed, with a 20-year cert (@pboling) - Allow linux distros to build release without signing, as their package managers sign independently ### Fixed