Disable parameter wrapping in TokensController (#42)
* Disable parameter wrapping in Devise::Api::TokensController

* Fix failing Devise::Api::Responses::TokenResponse specs
k-p-jones committed Jun 12, 2024
1 parent 05ba483 commit 006bdde
Showing 2 changed files with 32 additions and 71 deletions.
1 change: 1 addition & 0 deletions app/controllers/devise/api/tokens_controller.rb
@@ -4,6 +4,7 @@
module Devise
module Api
class TokensController < Devise.api.config.base_controller.constantize
wrap_parameters false
skip_before_action :verify_authenticity_token, raise: false
before_action :authenticate_devise_api_token!, only: %i[info]

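Review bot: The added `wrap_parameters false` carries no comment saying why wrapping is turned off, and no controller or request spec in this commit exercises it; the only other file changed is the TokenResponse spec. Rails' ParamsWrapper copies a JSON request body under a key derived from the controller name, so on these endpoints the submitted credentials would presumably also have appeared under a nested `token` key; a line such as `# Turn off ParamsWrapper: JSON bodies should not be copied under a nested wrapper key` above the call would record that intent. A request spec that posts a JSON body and asserts the resulting params contain no wrapper key would keep a later base-controller or initializer change from silently re-enabling it. The class body continues past the end of this hunk.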
102 changes: 31 additions & 71 deletions spec/devise/api/responses/token_response_spec.rb
@@ -3,10 +3,26 @@
require 'spec_helper'

RSpec.describe Devise::Api::Responses::TokenResponse do
context 'action types' do
let(:resource_owner) { double('resource_owner') }
let(:token) { double('token', resource_owner: resource_owner) }
let(:resource_owner) do
FactoryBot.build(
:user,
id: 1,
email: '[email protected]',
created_at: Time.now,
updated_at: Time.now
)
end
let(:token) do
FactoryBot.build(
:devise_api_token,
resource_owner: resource_owner,
access_token: 'access_token',
refresh_token: 'refresh_token',
expires_in: 3600
)
end

context 'action types' do
it 'has a list of actions' do
expect(described_class::ACTIONS).to eq(%i[sign_in sign_up refresh revoke info])
end
@@ -21,17 +37,6 @@
end

context 'sign in' do
let(:resource_owner) do
double('resource_owner',
id: 1,
email: '[email protected]',
created_at: Time.now,
updated_at: Time.now)
end
let(:token) do
double('token', resource_owner: resource_owner, access_token: 'access_token', refresh_token: 'refresh_token',
expires_in: 3600)
end
let(:token_response) { described_class.new(nil, token: token, action: :sign_in) }

it 'returns the correct body' do
@@ -45,7 +50,7 @@
email: '[email protected]',
created_at: resource_owner.created_at,
updated_at: resource_owner.updated_at
}
}.stringify_keys
})
end

@@ -55,24 +60,10 @@
end

context 'sign up' do
let(:supported_devise_modules) { double('supported_devise_modules', confirmable?: true) }
let(:resource_owner_class) { double('resource_owner_class', supported_devise_modules: supported_devise_modules) }
let(:resource_owner) do
double('resource_owner',
id: 1,
email: '[email protected]',
created_at: Time.now,
updated_at: Time.now,
class: resource_owner_class,
confirmed?: true)
end
let(:token) do
double('token', resource_owner: resource_owner, access_token: 'access_token', refresh_token: 'refresh_token',
expires_in: 3600)
end
let(:token_response) { described_class.new(nil, token: token, action: :sign_up) }

it 'returns the correct body' do
allow(resource_owner).to receive(:confirmed?).and_return(true)
expect(token_response.body).to eq({
token: 'access_token',
refresh_token: 'refresh_token',
@@ -83,7 +74,7 @@
email: '[email protected]',
created_at: resource_owner.created_at,
updated_at: resource_owner.updated_at
},
}.stringify_keys,
confirmable: {
confirmed: true
}
@@ -96,17 +87,6 @@
end

context 'refresh' do
let(:resource_owner) do
double('resource_owner',
id: 1,
email: '[email protected]',
created_at: Time.now,
updated_at: Time.now)
end
let(:token) do
double('token', resource_owner: resource_owner, access_token: 'access_token', refresh_token: 'refresh_token',
expires_in: 3600)
end
let(:token_response) { described_class.new(nil, token: token, action: :refresh) }

it 'returns the correct body' do
@@ -120,7 +100,7 @@
email: '[email protected]',
created_at: resource_owner.created_at,
updated_at: resource_owner.updated_at
}
}.stringify_keys
})
end

@@ -130,17 +110,6 @@
end

context 'revoke' do
let(:resource_owner) do
double('resource_owner',
id: 1,
email: '[email protected]',
created_at: Time.now,
updated_at: Time.now)
end
let(:token) do
double('token', resource_owner: resource_owner, access_token: 'access_token', refresh_token: 'refresh_token',
expires_in: 3600)
end
let(:token_response) { described_class.new(nil, token: token, action: :revoke) }

it 'returns the correct body' do
@@ -153,26 +122,17 @@
end

context 'info' do
let(:resource_owner) do
double('resource_owner',
id: 1,
email: '[email protected]',
created_at: Time.now,
updated_at: Time.now)
end
let(:token) do
double('token', resource_owner: resource_owner, access_token: 'access_token', refresh_token: 'refresh_token',
expires_in: 3600)
end
let(:token_response) { described_class.new(nil, token: token, action: :info) }

it 'returns the correct body' do
expect(token_response.body).to eq({
id: 1,
email: '[email protected]',
created_at: resource_owner.created_at,
updated_at: resource_owner.updated_at
})
expect(token_response.body).to eq(
{
id: 1,
email: '[email protected]',
created_at: resource_owner.created_at,
updated_at: resource_owner.updated_at
}.stringify_keys
)
end

it 'returns the correct status' do
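Review bot: In the 'sign up' context the new `allow(resource_owner).to receive(:confirmed?).and_return(true)` stubs the predicate on a factory-built user, so the example pins only the `confirmed: true` branch and says nothing about how an unconfirmed account is reported. Since the response tells the client whether the account is confirmed, a second example with `allow(resource_owner).to receive(:confirmed?).and_return(false)` expecting `confirmable: { confirmed: false }` would cover the other branch. The example also now appears to rely on the factory's user class supporting confirmable, which the removed `supported_devise_modules` double made explicit; a short comment stating that assumption would help. The sign-up example's body continues outside the hunk.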
