allow unauthenticated custom clients with nil config

and treat custom clients with missing id or password as an error, not unauthenticated client

Author: mackuba

lib/minisky/minisky.rb

@@ -53,9 +53,7 @@ def initialize(host, config_file, options = {})
         raise AuthError, "Missing user id or password in the config file #{@config_file}"
       end
     else
-      @config = {}
-      @send_auth_headers = false
-      @auto_manage_tokens = false
+      @config = nil
     end
 
     if active_repl?

lib/minisky/requests.rb

@@ -13,6 +13,10 @@ def initialize(config)
       @config = config
     end
 
+    def has_credentials?
+      !!(id && pass)
+    end
+
     def logged_in?
       !!(access_token && refresh_token)
     end
@@ -49,19 +53,20 @@ module Requests
     attr_writer :send_auth_headers
     attr_writer :auto_manage_tokens
 
-    # Tells whether to set authentication headers automatically (default: true).
+    # Tells whether to set authentication headers automatically (default: true if there
+    # is a user config).
     #
     # If false, you will need to pass `auth: 'sometoken'` explicitly to requests that
     # require authentication.
     #
     # @return [Boolean] whether to set authentication headers in requests
     #
     def send_auth_headers
-      instance_variable_defined?('@send_auth_headers') ? @send_auth_headers : true
+      instance_variable_defined?('@send_auth_headers') ? @send_auth_headers : (config != nil)
     end
 
     # Tells whether the library should manage the access & refresh tokens automatically
-    # for you (default: true).
+    # for you (default: true if there is a user config).
     #
     # If true, {#check_access} is called before each request to make sure that there is a
     # fresh access token available; if false, you will need to call {#log_in} and
@@ -70,7 +75,7 @@ def send_auth_headers
     # @return [Boolean] whether to automatically manage access tokens
     #
     def auto_manage_tokens
-      instance_variable_defined?('@auto_manage_tokens') ? @auto_manage_tokens : true
+      instance_variable_defined?('@auto_manage_tokens') ? @auto_manage_tokens : (config != nil)
     end
 
     alias progress default_progress
@@ -85,7 +90,7 @@ def base_url
     end
 
     def user
-      @user ||= User.new(config)
+      @user ||= config && User.new(config)
     end
 
     # Sends a GET request to the service's API.
@@ -307,7 +312,11 @@ def fetch_all(method, params = nil, auth: default_auth_mode,
     #   - if a token has invalid format
 
     def check_access
-      if !user.logged_in?
+      if !user
+        raise AuthError, "User config is missing"
+      elsif !user.has_credentials?
+        raise AuthError, "User id or password is missing"
+      elsif !user.logged_in?
         log_in
         :logged_in
       elsif access_token_expired?
@@ -332,7 +341,7 @@ def check_access
     # @raise [BadResponse] if the server responds with an error status code
 
     def log_in
-      if user.id.nil? || user.pass.nil?
+      if user.nil? || !user.has_credentials?
         raise AuthError, "To log in, please provide a user id and password"
       end
 
@@ -368,7 +377,7 @@ def log_in
     # @raise [BadResponse] if the server responds with an error status code
 
     def perform_token_refresh
-      if user.refresh_token.nil?
+      if user&.refresh_token.nil?
         raise AuthError, "Can't refresh access token - refresh token is missing"
       end
 
@@ -406,6 +415,10 @@ def access_token_expired?
     #
 
     def reset_tokens
+      if !user
+        raise AuthError, "User config is missing"
+      end
+
       user.access_token = nil
       user.refresh_token = nil
       save_config
@@ -447,7 +460,7 @@ def authentication_header(auth)
       if auth.is_a?(String)
         { 'Authorization' => "Bearer #{auth}" }
       elsif auth
-        if user.access_token
+        if user&.access_token
           { 'Authorization' => "Bearer #{user.access_token}" }
         else
           raise AuthError, "Can't send auth headers, access token is missing"

spec/custom_client_spec.rb

@@ -1,4 +1,5 @@
 require 'json'
+require_relative 'shared/ex_incomplete_auth'
 require_relative 'shared/ex_requests'
 require_relative 'shared/ex_unauthed'
 
@@ -9,8 +10,8 @@ class CustomJSONClient
 
   attr_reader :config
 
-  def initialize
-    @config = JSON.parse(File.read(CONFIG_FILE))
+  def initialize(config_file = CONFIG_FILE)
+    @config = config_file && JSON.parse(File.read(config_file))
   end
 
   def host
@@ -41,38 +42,70 @@ def save_config
       File.write('test.json', JSON.generate(data))
     end
 
-    include_examples "authenticated requests", 'at.x.com'
+    it 'should send auth headers by default' do
+      subject.send_auth_headers.should == true
+    end
+
+    it 'should manage tokens by default' do
+      subject.auto_manage_tokens.should == true
+    end
+
+    it 'should not set default progress' do
+      subject.progress.should be_nil
+    end
+
+    describe '(requests)' do
+      include_examples "authenticated requests", 'at.x.com'
+    end
+  end
+
+  context 'with no user config,' do
+    subject { CustomJSONClient.new(nil) }
+
+    it 'should not send auth headers' do
+      subject.send_auth_headers.should == false
+    end
+
+    it 'should not manage tokens' do
+      subject.auto_manage_tokens.should == false
+    end
+
+    it 'should not set default progress' do
+      subject.progress.should be_nil
+    end
+
+    include_examples "unauthenticated user"
   end
 
   context 'if id field is nil,' do
     before do
-      File.write('test.json', JSON.generate(data.merge('id' => nil)))
+      File.write('test.json', JSON.generate(id: nil, pass: 'ok'))
     end
 
-    include_examples "unauthenticated user"
+    include_examples "custom client with incomplete auth"
   end
 
   context 'if id field is not included' do
     before do
-      File.write('test.json', JSON.generate(data.slice('pass', 'access_token', 'refresh_token')))
+      File.write('test.json', JSON.generate(pass: 'ok'))
     end
 
-    include_examples "unauthenticated user"
+    include_examples "custom client with incomplete auth"
   end
 
   context 'if pass field is nil' do
     before do
-      File.write('test.json', JSON.generate(data.merge('pass' => nil)))
+      File.write('test.json', JSON.generate(id: 'id', pass: nil))
     end
 
-    include_examples "unauthenticated user"
+    include_examples "custom client with incomplete auth"
   end
 
   context 'if pass field is not included' do
     before do
-      File.write('test.json', JSON.generate(data.slice('id', 'access_token', 'refresh_token')))
+      File.write('test.json', JSON.generate(id: 'id'))
     end
 
-    include_examples "unauthenticated user"
+    include_examples "custom client with incomplete auth"
   end
 end

spec/shared/ex_incomplete_auth.rb

@@ -0,0 +1,36 @@
+shared_examples "custom client with incomplete auth" do
+  it 'should have send_auth_headers enabled' do
+    subject.send_auth_headers.should == true
+  end
+
+  it 'should have auto_manage_tokens enabled' do
+    subject.auto_manage_tokens.should == true
+  end
+
+  it 'should fail on get_request' do
+    expect { subject.get_request('com.example.service.getStuff') }.to raise_error(Minisky::AuthError)
+  end
+
+  it 'should fail on post_request' do
+    expect { subject.post_request('com.example.service.doStuff', 'qqq') }.to raise_error(Minisky::AuthError)
+  end
+
+  it 'should fail on fetch_all' do
+    expect { subject.fetch_all('com.example.service.fetchStuff', {}, field: 'feed') }.to raise_error(Minisky::AuthError)
+  end
+
+  it 'should fail on check_access' do
+    expect { subject.check_access }.to raise_error(Minisky::AuthError)
+  end
+
+  it 'should fail on log_in' do
+    expect { subject.log_in }.to raise_error(Minisky::AuthError)
+  end
+
+  it 'should fail on perform_token_refresh' do
+    expect { subject.perform_token_refresh }.to raise_error(Minisky::AuthError)
+  end
+
+  # todo perform w/ access token
+  # todo test if properties turned off
+end

spec/user_spec.rb

@@ -37,4 +37,20 @@
       subject.logged_in?.should be true
     end
   end
+
+  context '#has_credentials?' do
+    it 'should return false if id is missing' do
+      subject.instance_variable_get('@config')['id'] = nil
+      subject.has_credentials?.should be false
+    end
+
+    it 'should return false if pass is missing' do
+      subject.instance_variable_get('@config')['pass'] = nil
+      subject.has_credentials?.should be false
+    end
+
+    it 'should return true if both id and pass are set' do
+      subject.has_credentials?.should be true
+    end
+  end
 end