Commit 471ce309 authored by Maxwell Salzberg's avatar Maxwell Salzberg

kill your darlings; remove diaspora_client with fire

parent 69d81951
......@@ -6,10 +6,11 @@ ruby '1.9.3' if ENV['HEROKU']
gem 'rails', '3.2.2'
gem 'foreman', '0.41'
gem 'whenever'
gem 'whenever' #why is this in the bundle
gem 'rails_autolink'
gem 'thin', '~> 1.3.1', :require => false
gem 'thin', '~> 1.3.1', :require => false #why is this here?
# cross-origin resource sharing
......@@ -18,8 +19,7 @@ gem 'rack-cors', '~> 0.2.4', :require => 'rack/cors'
# authentication
gem 'devise', '1.5.3'
gem 'jwt'
gem 'oauth2-provider', '0.0.19'
gem 'remotipart', '~> 1.0'
gem 'omniauth', '1.0.3'
......@@ -90,6 +90,7 @@ gem 'resque', '1.20.0'
gem 'resque-timeout', '1.0.0'
gem 'SystemTimer', '1.2.3', :platforms => :ruby_18
gem 'rest-client' #why, need to switch to faraday
# tags
gem 'acts-as-taggable-on', '~> 2.2.2'
......@@ -148,11 +149,9 @@ group :test do
gem 'database_cleaner', '0.7.1'
gem 'timecop'
#"0.1.0", #:path => '~/workspace/diaspora-client'
gem 'factory_girl_rails', '1.7.0'
gem 'fixture_builder', '0.3.3'
gem 'fuubar', '>= 1.0'
gem 'mongrel', :require => false, :platforms => :ruby_18
gem 'rspec', '>= 2.0.0'
gem 'rspec-core', '~> 2.9.0'
gem 'rspec-instafail', '>= 0.1.7', :require => false
......@@ -167,6 +166,9 @@ group :test do
gem 'guard-rspec'
gem 'guard-spork'
gem 'guard-cucumber'
gem 'mongrel', :require => false, :platforms => :ruby_18 #why
end
group :test, :development do
......
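Review bot: `gem 'rest-client' #why, need to switch to faraday` is declared without a version constraint, and the DEPENDENCIES entry in the lockfile correspondingly loosens from `rest-client (= 1.6.7)` to `rest-client`. The lockfile still fixes the resolved version for now, but the next `bundle update` is free to move this HTTP client to any release, while most other gems in this file are pinned exactly or pessimistically. Keeping the earlier pin until the switch to faraday happens, `gem 'rest-client', '1.6.7' # TODO: replace with faraday`, keeps dependency resolution reproducible. The new trailing `#why` comments on `whenever`, `thin` and `mongrel` record a question rather than a reason; a short TODO or an issue reference would be more useful to the next reader.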
......@@ -13,20 +13,6 @@ GIT
specs:
settingslogic (2.0.8)
GIT
remote: git://github.com/diaspora/diaspora-client.git
revision: 86bd398a60320e06d9b8f9c865955dfe2df851db
specs:
diaspora-client (0.1.3.1)
activerecord
em-http-request
em-synchrony
faraday
jwt (>= 0.1.3)
oauth2 (= 0.5.0)
rack-fiber_pool
sinatra
GIT
remote: git://github.com/pivotal/jasmine-gem.git
revision: 1e075fbf5a69812fcc914c453f002ecf5bed38ab
......@@ -120,7 +106,6 @@ GEM
execjs
coffee-script-source (1.3.2)
columnize (0.3.6)
cookiejar (0.3.0)
crack (0.3.1)
cucumber (1.2.0)
builder (>= 2.1.2)
......@@ -145,16 +130,6 @@ GEM
orm_adapter (~> 0.0.3)
warden (~> 1.1)
diff-lcs (1.1.3)
em-http-request (1.0.2)
addressable (>= 2.2.3)
cookiejar
em-socksify
eventmachine (>= 1.0.0.beta.4)
http_parser.rb (>= 0.5.3)
em-socksify (0.2.0)
eventmachine (>= 1.0.0.beta.4)
em-synchrony (1.0.0)
eventmachine (>= 1.0.0.beta.1)
erubis (2.7.0)
eventmachine (1.0.0.beta.4)
excon (0.13.4)
......@@ -236,7 +211,6 @@ GEM
hodel_3000_compliant_logger (0.1.0)
hpricot (0.8.6)
http_accept_language (1.0.2)
http_parser.rb (0.5.3)
i18n (0.6.0)
i18n-inflector (2.6.6)
i18n (>= 0.4.1)
......@@ -253,8 +227,6 @@ GEM
jquery-rails
railties (>= 3.1.0)
json (1.7.3)
jwt (0.1.4)
json (>= 1.2.4)
kaminari (0.13.0)
actionpack (>= 3.0.0)
activesupport (>= 3.0.0)
......@@ -301,9 +273,6 @@ GEM
oauth2 (0.5.0)
faraday (>= 0.6.1, < 0.8)
multi_json (~> 1.0.0)
oauth2-provider (0.0.19)
activesupport (~> 3.0)
addressable (~> 2.2)
oink (0.9.3)
activerecord
hodel_3000_compliant_logger
......@@ -333,7 +302,6 @@ GEM
rack (>= 0.4)
rack-cors (0.2.6)
rack
rack-fiber_pool (0.9.2)
rack-mobile-detect (0.3.0)
rack
rack-piwik (0.1.2)
......@@ -510,8 +478,6 @@ DEPENDENCIES
database_cleaner (= 0.7.1)
debugger
devise (= 1.5.3)
diaspora-client!
em-synchrony (= 1.0.0)
factory_girl_rails (= 1.7.0)
faraday
faraday_middleware
......@@ -534,7 +500,6 @@ DEPENDENCIES
jasmine!
jquery-rails
json
jwt
linecache (= 0.46)
markerb (~> 1.0.0)
messagebus_ruby_api (= 1.0.3)
......@@ -545,7 +510,6 @@ DEPENDENCIES
mysql2 (= 0.3.11)
newrelic_rpm
nokogiri (= 1.5.2)
oauth2-provider (= 0.0.19)
oink
omniauth (= 1.0.3)
omniauth-facebook
......@@ -565,7 +529,7 @@ DEPENDENCIES
remotipart (~> 1.0)
resque (= 1.20.0)
resque-timeout (= 1.0.0)
rest-client (= 1.6.7)
rest-client
roxml!
rpm_contrib (~> 2.1.7)
rspec (>= 2.0.0)
......
......@@ -3,11 +3,6 @@
# the COPYRIGHT file.
module GettingStartedHelper
# @return [Boolean] The user has connected to cubbi.es
def has_connected_cubbies?
current_user.authorizations.size > 0
end
# @return [Boolean] The user has completed all steps in getting started
def has_completed_getting_started?
current_user.getting_started == false
......
......@@ -42,7 +42,7 @@ class AccountDeleter
#user deletions
def normal_ar_user_associates_to_delete
[:tag_followings, :authorizations, :invitations_to_me, :services, :aspects, :user_preferences, :notifications, :blocks]
[:tag_followings, :invitations_to_me, :services, :aspects, :user_preferences, :notifications, :blocks]
end
def special_ar_user_associations
......@@ -50,7 +50,7 @@ class AccountDeleter
end
def ignored_ar_user_associations
[:followed_tags, :invited_by, :contact_people, :applications, :aspect_memberships, :ignored_people]
[:followed_tags, :invited_by, :contact_people, :aspect_memberships, :ignored_people]
end
def delete_standard_user_associations
......
class OAuth2::Provider::Models::ActiveRecord::Authorization
validates_presence_of :resource_owner_id, :resource_owner_type
validates_uniqueness_of :client_id, :scope => :resource_owner_id
end
class OAuth2::Provider::Models::ActiveRecord::Client
def self.find_or_create_from_manifest!(manifest, pub_key)
find_by_name(manifest['name']) || self.create!(
:name => manifest["name"],
:permissions_overview => manifest["permissions_overview"],
:description => manifest["description"],
:application_base_url => manifest["application_base_url"],
:icon_url => manifest["icon_url"],
:public_key => pub_key.export
)
end
end
......@@ -59,8 +59,6 @@ class User < ActiveRecord::Base
has_many :notifications, :foreign_key => :recipient_id
has_many :authorizations, :class_name => 'OAuth2::Provider::Models::ActiveRecord::Authorization', :foreign_key => :resource_owner_id
has_many :applications, :through => :authorizations, :source => :client
before_save :guard_unconfirmed_email,
:save_person!
......
-# Copyright (c) 2010-2011, Diaspora Inc. This file is
-# licensed under the Affero General Public License version 3 or later. See
-# the COPYRIGHT file.
- content_for :page_title do
= "everything happening from #{@app}"
- content_for :head do
= javascript_include_tag :home
- content_for :body_class do
= "apps_show"
- content_for :break_the_mold do
= "width:100%;"
%h1
= "#{@app}"
#main_stream.stream.canvas
- if @posts.length > 0
- for post in @posts
.image-element.stream_element
.hold-me
= link_to(image_tag(post.image_url), post_path(post))
.via
= post.author.name
.time{:integer => post.created_at.to_i}
#pagination
=link_to(t('more'), next_page_path, :class => 'paginate')
-# Copyright (c) 2010-2011, Diaspora Inc. This file is
-# licensed under the Affero General Public License version 3 or later. See
-# the COPYRIGHT file.
#section_header
%h2
= t('settings')
= render 'shared/settings_nav'
.span-19.prepend-5.last
#applications_stream.stream
-if @applications.any?
- @applications.each do |app|
.stream_element{:id => app.id}
.float-right
= link_to t('.revoke_access'), authorization_path(:id => app.id), :method => :delete, :confirm => 'are you sure?', :class => "button"
.media
- if app.icon_url
.img
= image_tag(app.application_base_url + app.icon_url, :class => "avatar")
.bd
%div.from
= link_to app.name, app.application_base_url
= app.description
- else
= t('.no_applications')
-# Copyright (c) 2010-2011, Diaspora Inc. This file is
-# licensed under the Affero General Public License version 3 or later. See
-# the COPYRIGHT file.
%h3
= t('_applications')
#applications_stream.stream
- if @applications.count > 0
- for app in @applications
.stream_element{:id => app.id}
.right
= link_to t('.revoke_access'), authorization_path(:id => app.id), :method => :delete, :confirm => 'are you sure?', :class => "button"
- if app.icon_url
= image_tag(app.application_base_url + app.icon_url, :class => "avatar")
.content
%div.from
= link_to app.name, app.application_base_url
= app.description
- else
= t('.no_applications')
%br
#authorize
#application-description
= image_tag(@client.application_base_url + @client.icon_url, :id => 'client-application-image')
%br
%strong
= @client.name
.description
= @client.description
%h2
= @client.permissions_overview
%ul#requested-scopes
- @requested_scopes.each do |scope|
- if scope == "profile"
%li
.scope-photo
= owner_image_tag
.scope-description
%strong
Basic Info
%br
Cubbies will be able to see your name, profile photo, and other basic profile information.
- elsif scope == "AS_photo:post"
%li
.scope-photo
= image_tag('/assets/icons/photo.png', :title => t('.cubbies_will'))
.scope-description
%strong
Your Photos
%br
Cubbies will be able to post photos on your behalf
= form_for :authorization,
:url => oauth_authorize_path(params.slice(:redirect_uri, :client_id, :client_secret)) do |form|
%br
%p
= form.submit "Fuck Yeah!", :value => t('.authorize'), :class => 'button', :name => "confirm"
= form.submit "Hell No.", :value => t('.nope'), :class => 'button', :name => "cancel"
......@@ -3,4 +3,3 @@
%li= link_to_unless_current t('account'), edit_user_path
%li= link_to_unless_current t('privacy'), privacy_settings_path
%li= link_to_unless_current t('_services'), services_path
%li= link_to_unless_current t('_applications'), authorizations_path
- content_for :page_title do
= t('.connect_to_cubbies')
.span-24.last{:style => "position:relative;"}
.right{:style => 'z-index:10;'}
= link_to t('.sign_up_today'), 'http://cubbi.es', :class => "button sign_up"
%h1
= t('.connect_to_cubbies')
%h3
= t('.what_is_cubbies')
%br
= t('.love_to_try')
%hr
.cubbies_infographic.span-24{:style => "text-align:left;position:relative;"}
= image_tag 'cubbies_screenshot2.png', :height => 452, :width => 600, :class => "cubbies_screenshot"
= image_tag 'cubbies_collage.png', :class => "cubbies_collage"
.span-24.last{:style => "text-align:right;"}
%p.subtle
!= t('.screenshot_explanation', :link1 => link_to(t('.typical_userpage'), "http://cubbi.es/daniel"), :link2 => link_to(t('.daniels_account'), "https://joindiaspora.com/u/daniel"))
%br
%hr
%br
.span-24.last
%h2
= t('.making_the_connection')
%br
.span-24.last
.span-10
= image_tag 'connect_services.png', :class => "cubbies-settings-image"
%div.subtle
!= t('.via', :link => link_to('http://cubbi.es/users/edit', 'http://cubbi.es/users/edit'))
.span-12.last
%h3
!= t('.connecting_is_simple', :diaspora_id => current_user.diaspora_handle, :href_link => 'http://cubbi.es/users/edit')
class RemoveOauth < ActiveRecord::Migration
def up
drop_table 'oauth_access_tokens'
drop_table "oauth_authorization_codes"
drop_table "oauth_authorizations"
drop_table "oauth_clients"
end
def down
create_table "oauth_access_tokens", :force => true do |t|
t.integer "authorization_id", :null => false
t.string "access_token", :limit => 127, :null => false
t.string "refresh_token", :limit => 127
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
end
create_table "oauth_authorization_codes", :force => true do |t|
t.integer "authorization_id", :null => false
t.string "code", :limit => 127, :null => false
t.datetime "expires_at"
t.datetime "created_at"
t.datetime "updated_at"
t.string "redirect_uri"
end
create_table "oauth_authorizations", :force => true do |t|
t.integer "client_id", :null => false
t.integer "resource_owner_id"
t.string "resource_owner_type", :limit => 32
t.string "scope"
t.datetime "expires_at"
end
add_index "oauth_authorizations", ["resource_owner_id", "resource_owner_type", "client_id"], :name => "index_oauth_authorizations_on_resource_owner_and_client_id", :unique => true
create_table "oauth_clients", :force => true do |t|
t.string "name", :limit => 127, :null => false
t.text "description", :null => false
t.string "application_base_url", :limit => 127, :null => false
t.string "icon_url", :limit => 127, :null => false
t.string "oauth_identifier", :limit => 127, :null => false
t.string "oauth_secret", :limit => 127, :null => false
t.string "nonce", :limit => 127
t.text "public_key", :null => false
t.text "permissions_overview", :null => false
t.string "oauth_redirect_uri"
end
add_index "oauth_clients", ["application_base_url"], :name => "index_oauth_clients_on_application_base_url", :unique => true
add_index "oauth_clients", ["name"], :name => "index_oauth_clients_on_name", :unique => true
add_index "oauth_clients", ["nonce"], :name => "index_oauth_clients_on_nonce", :unique => true
end
end
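Review bot: `up` permanently deletes every stored access token, refresh token, authorization code and registered client (including the `oauth_secret` and `public_key` columns), and nothing in the file says that `down` only recreates empty tables. A rollback therefore cannot restore access for applications that were already authorized. A header comment above `def up` would make this explicit, for example `# Destructive: drops all OAuth clients, authorizations and tokens; down restores the schema only, not the data.` The `:force => true` on each `create_table` in `down` also silently drops any table of that name that already exists, so it is worth removing, or at least noting, since `down` should only run when those tables are absent. Table names in `up` mix single and double quotes; one style would read more cleanly.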
@wip @javascript @oauth-group
Feature: oauth
Exchanging oauth credentials
Background:
Given Chubbies has been killed
And Chubbies is running
And I visit "/reset" on Chubbies
And a user with username "bob" and password "secret"
Scenario: Authorize Chubbies
When I try to authorize Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should see my "profile.birthday"
And I should see my "name"
Scenario: Signup+login (Diaspora Connect) with Chubbies
When I visit "/reset" on Chubbies
And I should have 0 user on Chubbies
And I try to authorize Chubbies
And I press "Authorize"
Then I should be on "/account" on Chubbies
And I should have 1 user on Chubbies
Scenario: Signing up as a user while someone else is logged into Diaspora
When I change the app_host to Diaspora
Given a user with username "alice"
When I sign in as "alice@alice.alice"
Then I visit "/new" on Chubbies
And I fill in "Diaspora ID" with "bob@localhost:9887"
And I press "Connect to Diaspora"
Then I should be on the new user session page
And the "Username" field within "#user_new" should contain "bob"
Scenario: Not authorize Chubbies
When I try to authorize Chubbies
When I press "No"
Then I should be on "/account" on Chubbies
And I should have 0 user on Chubbies
Scenario: Authorize Chubbies when Chubbies is already connected
Given Chubbies is registered on my pod
When I try to authorize Chubbies
And there is only one Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should see my "profile.birthday"
And I should see my "name"
Scenario: Authorize Chubbies when the pod knows about Chubbies
Given Chubbies is registered on my pod
When I try to authorize Chubbies
And I visit "/reset" on Chubbies
And I change the app_host to Diaspora
And I go to the destroy user session page
When I try to authorize Chubbies
And there is only one Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should see my "profile.birthday"
And I should see my "name"
Scenario: Authorize Chubbies should place it on the authorized applications page
When I try to authorize Chubbies
When I press "Authorize"
And I change the app_host to Diaspora
And I am on the authorizations page
Then I should see "Chubbies"
And I should see "The best way to chub."
Scenario: Removing Chubbies from the authorized applications list de-authorizes it
When I try to authorize Chubbies
When I press "Authorize"
And I change the app_host to Diaspora
And I am on the authorizations page
And I preemptively confirm the alert
And I follow "Revoke Access"
Then I visit "/account?id=1" on Chubbies
Then I should see "Token invalid"
Scenario: Re-registering a client if the client recognizes the diaspora pod but the diaspora pod has since been reset
Given Chubbies is registered on my pod
And I remove all traces of Chubbies on the pod
When I try to authorize Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should see my "profile.birthday"
And I should see my "name"
Scenario: Login in with Chubbies when you already authorized it
Given Chubbies is registered on my pod
And I should have 0 user on Chubbies
When I try to authorize Chubbies
When I press "Authorize"
Then I should be on "/account" on Chubbies
And I should have 1 user on Chubbies
Then I visit "/new" on Chubbies
And I fill in my Diaspora ID to connect
And I press "Connect to Diaspora"
Then I should be on "/account" on Chubbies
And I should have 1 user on Chubbies
When I change the app_host to Diaspora
Given /^Chubbies is running$/ do
Chubbies.run unless Chubbies.running?
end
Given /^Chubbies has been killed$/ do
Chubbies.kill
end
Given /^Chubbies is registered on my pod$/ do
packaged_manifest = JSON.parse(RestClient.get("localhost:#{Chubbies::PORT}/manifest.json").body)
public_key = OpenSSL::PKey::RSA.new(packaged_manifest['public_key'])
manifest = JWT.decode(packaged_manifest['jwt'], public_key)
client = OAuth2::Provider.client_class.find_or_create_from_manifest!(manifest, public_key)
params = {:client_id => client.oauth_identifier,
:client_secret => client.oauth_secret,
:host => "localhost:9887"}
RestClient.post("localhost:#{Chubbies::PORT}/register", params)
end
And /^I should see my "([^"]+)"/ do |code|
page.should have_content(@me.person.instance_eval(code).to_s)
end
And /^there is only one Chubbies$/ do
OAuth2::Provider.client_class.where(:name => "Chubbies").count.should == 1
end
And /^I remove all traces of Chubbies on the pod$/ do
OAuth2::Provider.client_class.destroy_all
end
When /^I try to authorize Chubbies$/ do
# We need to reset the tokens saved in Chubbies,
# as we are clearing the Diaspora DB every scenario
step 'I visit "/new" on Chubbies'
###
step "I fill in my Diaspora ID to connect"
step 'I press "Connect to Diaspora"'
step 'I should be on the new user session page'
step "I fill in \"Username\" with \"#{@me.username}\""
step "I fill in \"Password\" with \"#{@me.password}\""
step 'I press "Sign in"'
step 'I should be on the oauth authorize page'
step 'I should see "Chubbies"'
step 'I should see "The best way to chub."'
end
And /^I fill in my Diaspora ID to connect$/ do
step "I fill in \"Diaspora ID\" with \"#{@me.diaspora_handle}\""
end
And /^I should have (\d) user on Chubbies$/ do |num|
step "I visit \"/user_count\" on Chubbies"
step "I should see \"#{num}\""
end
When /^I visit "([^"]+)" on Chubbies$/ do |path|
Capybara.app_host = "http://localhost:#{Chubbies::PORT}"
visit(path)
end
When /^I change the app_host to Diaspora$/ do
Capybara.app_host = "http://localhost:9887"