mirror of
https://github.com/stripe/stripe-ruby.git
synced 2025-10-04 00:00:47 -04:00
21643f0716
This changes allows for each instance of StripeClient to have its own configuration object instead of relying on the global config. Each instance can be configured to override any global config values previously set.
150 lines
5.9 KiB
Ruby
150 lines
5.9 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require ::File.expand_path("../test_helper", __dir__)
|
|
|
|
module Stripe
|
|
class OAuthTest < Test::Unit::TestCase
|
|
setup do
|
|
Stripe.client_id = "ca_test"
|
|
end
|
|
|
|
teardown do
|
|
Stripe.client_id = nil
|
|
end
|
|
|
|
context ".authorize_url" do
|
|
should "return the authorize URL" do
|
|
uri_str = OAuth.authorize_url(scope: "read_write",
|
|
state: "csrf_token",
|
|
stripe_user: {
|
|
email: "test@example.com",
|
|
url: "https://example.com/profile/test",
|
|
country: "US",
|
|
})
|
|
|
|
uri = URI.parse(uri_str)
|
|
params = CGI.parse(uri.query)
|
|
|
|
assert_equal("https", uri.scheme)
|
|
assert_equal("connect.stripe.com", uri.host)
|
|
assert_equal("/oauth/authorize", uri.path)
|
|
|
|
assert_equal(["ca_test"], params["client_id"])
|
|
assert_equal(["read_write"], params["scope"])
|
|
assert_equal(["test@example.com"], params["stripe_user[email]"])
|
|
assert_equal(["https://example.com/profile/test"], params["stripe_user[url]"])
|
|
assert_equal(["US"], params["stripe_user[country]"])
|
|
end
|
|
|
|
should "optionally return an express path" do
|
|
uri_str = OAuth.authorize_url({}, express: true)
|
|
|
|
uri = URI.parse(uri_str)
|
|
assert_equal("https", uri.scheme)
|
|
assert_equal("connect.stripe.com", uri.host)
|
|
assert_equal("/express/oauth/authorize", uri.path)
|
|
end
|
|
|
|
should "override the api base path when a StripeClient is provided" do
|
|
client = Stripe::StripeClient.new(connect_base: "https://other.stripe.com")
|
|
uri_str = OAuth.authorize_url({}, client: client)
|
|
|
|
uri = URI.parse(uri_str)
|
|
assert_equal("other.stripe.com", uri.host)
|
|
end
|
|
end
|
|
|
|
context ".token" do
|
|
should "exchange a code for an access token" do
|
|
# The OpenAPI fixtures don't cover the OAuth endpoints, so we just
|
|
# stub the request manually.
|
|
stub_request(:post, "#{Stripe.connect_base}/oauth/token")
|
|
.with(body: {
|
|
"grant_type" => "authorization_code",
|
|
"code" => "this_is_an_authorization_code",
|
|
})
|
|
.to_return(body: JSON.generate(access_token: "sk_access_token",
|
|
scope: "read_only",
|
|
livemode: false,
|
|
token_type: "bearer",
|
|
refresh_token: "sk_refresh_token",
|
|
stripe_user_id: "acct_test",
|
|
stripe_publishable_key: "pk_test"))
|
|
|
|
resp = OAuth.token(grant_type: "authorization_code",
|
|
code: "this_is_an_authorization_code")
|
|
assert_equal("sk_access_token", resp.access_token)
|
|
end
|
|
|
|
should "override the API key when client_secret is passed" do
|
|
stub_request(:post, "#{Stripe.connect_base}/oauth/token")
|
|
.with(body: {
|
|
"client_secret" => "client_secret_override",
|
|
"grant_type" => "authorization_code",
|
|
"code" => "this_is_an_authorization_code",
|
|
})
|
|
.with(headers: { "Authorization": "Bearer client_secret_override" })
|
|
.to_return(body: JSON.generate(access_token: "another_access_token"))
|
|
|
|
resp = OAuth.token(client_secret: "client_secret_override",
|
|
grant_type: "authorization_code",
|
|
code: "this_is_an_authorization_code")
|
|
assert_equal("another_access_token", resp.access_token)
|
|
end
|
|
|
|
should "override the api base path when a StripeClient is provided" do
|
|
stub_request(:post, "https://other.stripe.com/oauth/token")
|
|
.with(body: {
|
|
"grant_type" => "authorization_code",
|
|
"code" => "this_is_an_authorization_code",
|
|
})
|
|
.to_return(body: JSON.generate(access_token: "sk_access_token",
|
|
scope: "read_only",
|
|
livemode: false,
|
|
token_type: "bearer",
|
|
refresh_token: "sk_refresh_token",
|
|
stripe_user_id: "acct_test",
|
|
stripe_publishable_key: "pk_test"))
|
|
|
|
client = Stripe::StripeClient.new(connect_base: "https://other.stripe.com")
|
|
resp = OAuth.token(
|
|
{ grant_type: "authorization_code", code: "this_is_an_authorization_code" },
|
|
client: client
|
|
)
|
|
|
|
assert_equal("sk_access_token", resp.access_token)
|
|
end
|
|
end
|
|
|
|
context ".deauthorize" do
|
|
should "deauthorize an account" do
|
|
# The OpenAPI fixtures don't cover the OAuth endpoints, so we just
|
|
# stub the request manually.
|
|
stub_request(:post, "#{Stripe.connect_base}/oauth/deauthorize")
|
|
.with(body: {
|
|
"client_id" => "ca_test",
|
|
"stripe_user_id" => "acct_test_deauth",
|
|
})
|
|
.to_return(body: JSON.generate(stripe_user_id: "acct_test_deauth"))
|
|
|
|
resp = OAuth.deauthorize(stripe_user_id: "acct_test_deauth")
|
|
assert_equal("acct_test_deauth", resp.stripe_user_id)
|
|
end
|
|
|
|
should "override the api base path when a StripeClient is provided" do
|
|
stub_request(:post, "https://other.stripe.com/oauth/deauthorize")
|
|
.with(body: {
|
|
"client_id" => "ca_test",
|
|
"stripe_user_id" => "acct_test_deauth",
|
|
})
|
|
.to_return(body: JSON.generate(stripe_user_id: "acct_test_deauth"))
|
|
|
|
client = Stripe::StripeClient.new(connect_base: "https://other.stripe.com")
|
|
resp = OAuth.deauthorize({ stripe_user_id: "acct_test_deauth" }, client: client)
|
|
|
|
assert_equal("acct_test_deauth", resp.stripe_user_id)
|
|
end
|
|
end
|
|
end
|
|
end
|