fix for #22 impersonation

This commit is contained in:
Oxana Goutnik 2013-01-12 10:29:47 -05:00
parent 280cdff314
commit 7d204ac507
2 changed files with 21 additions and 1 deletions

View File

@ -112,7 +112,7 @@ module Google
# #
# @see Signet::OAuth2::Client.fetch_access_token! # @see Signet::OAuth2::Client.fetch_access_token!
def authorize(person = nil, options={}) def authorize(person = nil, options={})
authorization = self.to_authorization authorization = self.to_authorization(person)
authorization.fetch_access_token!(options) authorization.fetch_access_token!(options)
return authorization return authorization
end end

View File

@ -66,6 +66,26 @@ describe Google::APIClient::JWTAsserter do
claim["scope"].should == 'scope1 scope2' claim["scope"].should == 'scope1 scope2'
end end
it 'should allow impersonation' do
conn = stub_connection do |stub|
stub.post('/o/oauth2/token') do |env|
params = Addressable::URI.form_unencode(env[:body])
JWT.decode(params.assoc("assertion").last, @key.public_key)
params.assoc("grant_type").should == ['grant_type','urn:ietf:params:oauth:grant-type:jwt-bearer']
[200, {}, '{
"access_token" : "1/abcdef1234567890",
"token_type" : "Bearer",
"expires_in" : 3600
}']
end
end
asserter = Google::APIClient::JWTAsserter.new('client1', 'scope1 scope2', @key)
auth = asserter.authorize('user1@email.com', { :connection => conn })
auth.should_not == nil?
auth.person.should == 'user1@email.com'
conn.verify
end
it 'should send valid access token request' do it 'should send valid access token request' do
conn = stub_connection do |stub| conn = stub_connection do |stub|
stub.post('/o/oauth2/token') do |env| stub.post('/o/oauth2/token') do |env|