session_test.rb 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899
  1. require 'test_helper'
  2. class SessionTest < Test::Unit::TestCase
  3. context "Session" do
  4. should "not be valid without a url" do
  5. session = ShopifyAPI::Session.new(nil, "any-token")
  6. assert_not session.valid?
  7. end
  8. should "not be valid without token" do
  9. session = ShopifyAPI::Session.new("testshop.myshopify.com")
  10. assert_not session.valid?
  11. end
  12. should "be valid with any token and any url" do
  13. session = ShopifyAPI::Session.new("testshop.myshopify.com", "any-token")
  14. assert session.valid?
  15. end
  16. should "not raise error without params" do
  17. assert_nothing_raised do
  18. session = ShopifyAPI::Session.new("testshop.myshopify.com", "any-token")
  19. end
  20. end
  21. should "raise error if params passed but signature omitted" do
  22. assert_raises(RuntimeError) do
  23. session = ShopifyAPI::Session.new("testshop.myshopify.com", "any-token", {'foo' => 'bar'})
  24. end
  25. end
  26. should "setup api_key and secret for all sessions" do
  27. ShopifyAPI::Session.setup(:api_key => "My test key", :secret => "My test secret")
  28. assert_equal "My test key", ShopifyAPI::Session.api_key
  29. assert_equal "My test secret", ShopifyAPI::Session.secret
  30. end
  31. should "use 'https' protocol by default for all sessions" do
  32. assert_equal 'https', ShopifyAPI::Session.protocol
  33. end
  34. should "#temp reset ShopifyAPI::Base.site to original value" do
  35. ShopifyAPI::Session.setup(:api_key => "key", :secret => "secret")
  36. session1 = ShopifyAPI::Session.new('fakeshop.myshopify.com', 'token1')
  37. ShopifyAPI::Base.activate_session(session1)
  38. ShopifyAPI::Session.temp("testshop.myshopify.com", "any-token") {
  39. @assigned_site = ShopifyAPI::Base.site
  40. }
  41. assert_equal 'https://testshop.myshopify.com/admin', @assigned_site.to_s
  42. assert_equal 'https://fakeshop.myshopify.com/admin', ShopifyAPI::Base.site.to_s
  43. end
  44. should "request token should get token" do
  45. ShopifyAPI::Session.setup(:api_key => "My test key", :secret => "My test secret")
  46. session = ShopifyAPI::Session.new('http://localhost.myshopify.com')
  47. fake nil, :url => 'https://localhost.myshopify.com/admin/oauth/access_token',:method => :post, :body => '{"access_token" : "token"}'
  48. assert_equal "token", session.request_token("code")
  49. end
  50. should "raise exception if code invalid in request token" do
  51. ShopifyAPI::Session.setup(:api_key => "My test key", :secret => "My test secret")
  52. session = ShopifyAPI::Session.new('http://localhost.myshopify.com')
  53. fake nil, :url => 'https://localhost.myshopify.com/admin/oauth/access_token',:method => :post, :status => 404, :body => '{"error" : "invalid_request"}'
  54. assert_raises(RuntimeError) do
  55. session.request_token("bad_code")
  56. end
  57. assert_equal false, session.valid?
  58. end
  59. should "#temp reset ShopifyAPI::Base.site to original value when using a non-standard port" do
  60. ShopifyAPI::Session.setup(:api_key => "key", :secret => "secret")
  61. session1 = ShopifyAPI::Session.new('fakeshop.myshopify.com:3000', 'token1')
  62. ShopifyAPI::Base.activate_session(session1)
  63. ShopifyAPI::Session.temp("testshop.myshopify.com", "any-token") {
  64. @assigned_site = ShopifyAPI::Base.site
  65. }
  66. assert_equal 'https://testshop.myshopify.com/admin', @assigned_site.to_s
  67. assert_equal 'https://fakeshop.myshopify.com:3000/admin', ShopifyAPI::Base.site.to_s
  68. end
  69. should "return site for session" do
  70. session = ShopifyAPI::Session.new("testshop.myshopify.com", "any-token")
  71. assert_equal "https://testshop.myshopify.com/admin", session.site
  72. end
  73. should "raise error if signature does not match expected" do
  74. ShopifyAPI::Session.secret = 'secret'
  75. params = {:foo => 'hello', :foo => 'world', :timestamp => Time.now}
  76. sorted_params = params.except(:signature, :action, :controller).collect{|k,v|"#{k}=#{v}"}.sort.join
  77. signature = Digest::MD5.hexdigest(ShopifyAPI::Session.secret + sorted_params)
  78. session = ShopifyAPI::Session.new("testshop.myshopify.com", "any-token", params.merge(:signature => signature))
  79. end
  80. end
  81. end