✅ More tests

Author: pboling

README.md

@@ -50,7 +50,7 @@ Compatible with MRI Ruby 2.3+, and concordant releases of JRuby, and TruffleRuby
 ### Federated DVCS
 
 <details>
-  <summary>Find this repo on other forges (Coming soon!)</summary>
+  <summary>Find this repo on other forges</summary>
 
 | Federated [DVCS][💎d-in-dvcs] Repository        | Status                                                                | Issues                    | PRs                      | Wiki                      | CI                       | Discussions                  |
 |-------------------------------------------------|-----------------------------------------------------------------------|---------------------------|--------------------------|---------------------------|--------------------------|------------------------------|

spec/oauth/tty/authorize_command_spec.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+RSpec.describe OAuth::TTY::Commands::AuthorizeCommand do
+  let(:stdout) { StringIO.new }
+  let(:stdin) { StringIO.new }
+  let(:stderr) { StringIO.new }
+
+  def build_cmd(args = [])
+    described_class.new(stdout, stdin, stderr, args)
+  end
+
+  describe "#_run happy path with callback confirmed", :check_output do
+    it "sets version to 1.0a and prompts for verifier, then prints response params" do
+      consumer = instance_double("OAuth::Consumer")
+      request_token = instance_double("OAuth::RequestToken")
+      access_token = instance_double("OAuth::AccessToken", params: {"oauth_token" => "OTK", :symbol_key => "ignored"})
+
+      # Provide deterministic nonce/timestamp used by defaults through Command
+      allow(OAuth::Helper).to receive(:generate_key).and_return("KEY")
+      allow(OAuth::Helper).to receive(:generate_timestamp).and_return("TS")
+
+      expect(OAuth::Consumer).to receive(:new).and_return(consumer)
+      expect(consumer).to receive(:get_request_token).with({oauth_callback: nil}, {}).and_return(request_token)
+
+      expect(request_token).to receive(:callback_confirmed?).and_return(true)
+      expect(request_token).to receive(:authorize_url).and_return("https://example.com/authorize")
+
+      # stdin provides a verifier when version is 1.0a
+      stdin.write("VERIFIER\n")
+      stdin.rewind
+
+      expect(request_token).to receive(:get_access_token).with({oauth_verifier: "VERIFIER"}).and_return(access_token)
+
+      out_before = stdout.string.dup
+      build_cmd(%w[--consumer-key CK --consumer-secret CS --method GET --uri https://example.com]).run
+
+      stdout.rewind
+      out = stdout.read
+      expect(out).to include("Server appears to support OAuth 1.0a; enabling support.")
+      expect(out).to include("Please visit this url to authorize:")
+      expect(out).to include("https://example.com/authorize")
+      expect(out).to include("Please enter the verification code provided by the SP (oauth_verifier):")
+      expect(out).to include("Response:")
+      # Only non-symbol keys are printed
+      expect(out).to include("  oauth_token: OTK")
+      expect(out).not_to include("symbol_key")
+    end
+  end
+
+  describe "error handling", :check_output do
+    it "alerts when get_request_token raises OAuth::Unauthorized" do
+      consumer = instance_double("OAuth::Consumer")
+
+      expect(OAuth::Consumer).to receive(:new).and_return(consumer)
+      Request = Struct.new(:body, :code, :message)
+      error = OAuth::Unauthorized.new(Request.new("denied", 401, "401 Unauthorized"))
+      expect(consumer).to receive(:get_request_token).and_raise(error)
+
+      build_cmd(%w[--consumer-key CK --consumer-secret CS --uri https://example.com]).send(:get_request_token)
+
+      stderr.rewind
+      err = stderr.read
+      expect(err).to include("A problem occurred while attempting to authorize:")
+      expect(err).to include("denied")
+    end
+
+    it "alerts when get_access_token raises OAuth::Unauthorized" do
+      consumer = instance_double("OAuth::Consumer")
+      request_token = instance_double("OAuth::RequestToken")
+      expect(OAuth::Consumer).to receive(:new).and_return(consumer)
+      expect(consumer).to receive(:get_request_token).and_return(request_token)
+
+      Request2 = Struct.new(:body, :code, :message)
+      error = OAuth::Unauthorized.new(Request2.new("bad_access", 401, "401 Unauthorized"))
+      expect(request_token).to receive(:callback_confirmed?).and_return(false)
+      expect(request_token).to receive(:authorize_url).and_return("https://example.com/authorize")
+      expect(request_token).to receive(:get_access_token).and_raise(error)
+
+      build_cmd(%w[--consumer-key CK --consumer-secret CS --uri https://example.com]).run
+
+      stderr.rewind
+      err = stderr.read
+      expect(err).to include("A problem occurred while attempting to obtain an access token:")
+      expect(err).to include("bad_access")
+    end
+  end
+end

spec/oauth/tty/command_spec.rb

@@ -0,0 +1,168 @@
+# frozen_string_literal: true
+
+RSpec.describe OAuth::TTY::Command do
+  let(:stdout) { StringIO.new }
+  let(:stdin) { StringIO.new }
+  let(:stderr) { StringIO.new }
+
+  # Minimal concrete subclass to enable exercising #run paths
+  class TestCommand < described_class
+    attr_writer :required
+
+    def initialize(stdout, stdin, stderr, arguments)
+      super
+      @required ||= []
+    end
+
+    def required_options
+      @required
+    end
+
+    def _run
+      puts "ran" # use provided stdout
+    end
+  end
+
+  def build_cmd(args = [])
+    TestCommand.new(stdout, stdin, stderr, args)
+  end
+
+  describe "#run", :check_output do
+    it "executes _run when required options are present" do
+      cmd = build_cmd(["--consumer-key", "ck"])
+      cmd.required = [:oauth_consumer_key]
+      out_before = stdout.string.dup
+      cmd.run
+      stdout.rewind
+      expect(stdout.read).to eq(out_before + "ran\n")
+    end
+
+    it "prints missing options and help when required options are absent" do
+      cmd = build_cmd([])
+      cmd.required = [:oauth_consumer_key]
+
+      expect(OAuth::TTY::CLI).to receive(:puts_red).with("Options missing to OAuth CLI: --oauth_consumer_key")
+      cmd.run
+      stdout.rewind
+      expect(stdout.read).to match(/Usage: oauth <command> \[ARGS\]/)
+    end
+  end
+
+  describe "option parser defaults and flags" do
+    it "sets sane defaults" do
+      cmd = build_cmd([])
+      expect(cmd.send(:options)).to include(
+        oauth_signature_method: "HMAC-SHA1",
+        oauth_version: "1.0",
+        scheme: :header,
+        method: :post,
+        params: [],
+        version: "1.0"
+      )
+      # Non-deterministic values are present but not asserted for exact value
+      expect(cmd.send(:options)).to include(:oauth_nonce, :oauth_timestamp)
+    end
+
+    it "switches scheme based on -B/--body, -H/--header, -Q/--query-string" do
+      expect(build_cmd(["-B"]).send(:options)[:scheme]).to eq(:body)
+      expect(build_cmd(["-H"]).send(:options)[:scheme]).to eq(:header)
+      expect(build_cmd(["-Q"]).send(:options)[:scheme]).to eq(:query_string)
+    end
+
+    it "captures verbosity and xmpp flags" do
+      expect(build_cmd(["--verbose"]).send(:options)[:verbose]).to be true
+      expect(build_cmd(["--xmpp"]).send(:options)).to include(xmpp: true)
+      # Exercise predicate helpers
+      cmd = build_cmd(["--xmpp", "--verbose"])
+      expect(cmd.send(:xmpp?)).to be true
+      expect(cmd.send(:verbose?)).to be true
+    end
+
+    it "collects sign/query related switches" do
+      cmd = build_cmd(%w[
+        --method GET
+        --nonce N
+        --parameters a:1
+        --parameters raw_pair
+        --signature-method PLAINTEXT
+        --token T
+        --secret S
+        --timestamp TS
+        --realm R
+        --uri http://example.com/
+        --version 1.0a
+      ])
+      expect(cmd.send(:options)).to include(
+        method: "GET",
+        oauth_nonce: "N",
+        oauth_signature_method: "PLAINTEXT",
+        oauth_token: "T",
+        oauth_token_secret: "S",
+        oauth_timestamp: "TS",
+        realm: "R",
+        uri: "http://example.com/",
+        oauth_version: "1.0a"
+      )
+      expect(cmd.send(:options)[:params]).to eq(["a:1", "raw_pair"])
+    end
+
+    it "honors --no-version by nulling oauth_version" do
+      cmd = build_cmd(["--no-version"])
+      expect(cmd.send(:options)[:oauth_version]).to be_nil
+    end
+
+    it "captures authorization URLs and scope" do
+      cmd = build_cmd(%w[
+        --access-token-url https://example.com/access
+        --authorize-url https://example.com/auth
+        --callback-url https://example.com/cb
+        --request-token-url https://example.com/request
+        --scope email
+      ])
+      expect(cmd.send(:options)).to include(
+        access_token_url: "https://example.com/access",
+        authorize_url: "https://example.com/auth",
+        oauth_callback: "https://example.com/cb",
+        request_token_url: "https://example.com/request",
+        scope: "email"
+      )
+    end
+  end
+
+  describe "#parameters" do
+    it "builds escaped params and merges oauth keys, dropping nil/empty ones" do
+      cmd = build_cmd(%w[
+        --consumer-key CK
+        --token TK
+        --parameters foo:bar
+        --parameters baz:qux
+        --parameters raw=pair
+      ])
+      params = cmd.send(:parameters)
+      # CGI.parse returns arrays of values per key
+      expect(params["foo"]).to eq(["bar"]) # escaped colon-pair
+      expect(params["baz"]).to eq(["qux"]) # escaped colon-pair
+      expect(params["raw"]).to eq(["pair"]) # raw pair preserved
+      # OAuth fields present
+      expect(params).to include(
+        "oauth_consumer_key" => "CK",
+        "oauth_token" => "TK",
+        "oauth_signature_method" => "HMAC-SHA1"
+      )
+      # timestamp, nonce exist but are not asserted exactly
+      expect(params).to include("oauth_timestamp", "oauth_nonce")
+    end
+  end
+
+  describe "output helpers", :check_output do
+    it "writes to stdout and stderr" do
+      cmd = build_cmd([])
+      cmd.send(:puts, "out!")
+      cmd.send(:alert, "err!")
+      stdout.rewind
+      stderr.rewind
+      expect(stdout.read).to eq("out!\n")
+      expect(stderr.read).to eq("err!\n")
+    end
+  end
+end

spec/oauth/tty/sign_command_spec.rb

@@ -0,0 +1,94 @@
+# frozen_string_literal: true
+
+RSpec.describe OAuth::TTY::Commands::SignCommand do
+  let(:stdout) { StringIO.new }
+  let(:stdin) { StringIO.new }
+  let(:stderr) { StringIO.new }
+
+  def build_cmd(args = [])
+    described_class.new(stdout, stdin, stderr, args)
+  end
+
+  describe "non-verbose output", :check_output do
+    it "prints only the signature" do
+      request = double("Request",
+        oauth_parameters: {},
+        non_oauth_parameters: {},
+        oauth_signature: "SIG",
+      )
+
+      expect(OAuth::RequestProxy).to receive(:proxy).and_return(request)
+      expect(request).to receive(:sign!).with(consumer_secret: "CS", token_secret: "TS")
+
+      build_cmd(%w[
+        --consumer-key CK
+        --consumer-secret CS
+        --token TK
+        --secret TS
+        --uri https://example.com
+      ]).run
+
+      stdout.rewind
+      expect(stdout.read).to eq("SIG\n")
+    end
+  end
+
+  describe "verbose output with xmpp", :check_output do
+    it "prints detailed information and an XMPP stanza" do
+      request = double(
+        "Request",
+        oauth_parameters: {
+          "oauth_consumer_key" => "CK",
+          "oauth_token" => "TK",
+          "oauth_signature_method" => "HMAC-SHA1",
+          "oauth_timestamp" => "TS",
+          "oauth_nonce" => "NONCE",
+          "oauth_version" => "1.0",
+        },
+        non_oauth_parameters: {},
+        method: "POST",
+        uri: "https://example.com",
+        normalized_parameters: "a=1&b=2",
+        signature_base_string: "BASE",
+        oauth_signature: "SIG",
+        oauth_consumer_key: "CK",
+        oauth_token: "TK",
+        oauth_signature_method: "HMAC-SHA1",
+        oauth_timestamp: "TS",
+        oauth_nonce: "NONCE",
+        oauth_version: "1.0",
+      )
+
+      # Stub out silent verbose interactions with OAuth::Consumer
+      consumer = instance_double("OAuth::Consumer")
+      req_token = instance_double("OAuth::RequestToken")
+      expect(OAuth::Consumer).to receive(:new).and_return(consumer)
+      expect(consumer).to receive(:get_request_token).and_return(req_token)
+      allow(req_token).to receive(:callback_confirmed?).and_return(false)
+      allow(req_token).to receive(:authorize_url).and_return("https://example.com/authorize")
+      allow(req_token).to receive(:get_access_token).and_return(instance_double("AccessToken"))
+
+      expect(OAuth::RequestProxy).to receive(:proxy).and_return(request)
+      expect(request).to receive(:sign!).with(consumer_secret: "CS", token_secret: "TS")
+
+      build_cmd(%w[
+        --consumer-key CK
+        --consumer-secret CS
+        --token TK
+        --secret TS
+        --uri https://example.com
+        --verbose
+        --xmpp
+      ]).run
+
+      stdout.rewind
+      out = stdout.read
+      expect(out).to include("OAuth parameters:")
+      expect(out).to include("XMPP Stanza:")
+      expect(out).to include("<oauth_consumer_key>CK</oauth_consumer_key>")
+      expect(out).to include("Escaped signature: ")
+      # In XMPP mode, it should not print normalized params line
+      expect(out).not_to include("Normalized params:")
+    end
+  end
+end